package org.perfectprivacy.android.logic;

import android.util.Log;
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Observable;
import java.util.concurrent.locks.ReentrantReadWriteLock;

/* loaded from: classes.dex */
public class TrustedCertificateManager extends Observable {
    private static final String TAG = TrustedCertificateManager.class.getSimpleName();
    private Hashtable<String, X509Certificate> mCACerts;
    private final ArrayList<KeyStore> mKeyStores;
    private boolean mLoaded;
    private final ReentrantReadWriteLock mLock;
    private volatile boolean mReload;

    /* loaded from: classes.dex */
    private static class Singleton {
        public static final TrustedCertificateManager mInstance = new TrustedCertificateManager();

        private Singleton() {
        }
    }

    /* loaded from: classes.dex */
    public enum TrustedCertificateSource {
        SYSTEM("system:"),
        USER("user:"),
        LOCAL("local:");

        private final String mPrefix;

        TrustedCertificateSource(String str) {
            this.mPrefix = str;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String getPrefix() {
            return this.mPrefix;
        }
    }

    private TrustedCertificateManager() {
        this.mLock = new ReentrantReadWriteLock();
        this.mCACerts = new Hashtable<>();
        this.mKeyStores = new ArrayList<>();
        String[] strArr = {"LocalCertificateStore", "AndroidCAStore"};
        for (int i = 0; i < 2; i++) {
            String str = strArr[i];
            try {
                KeyStore keyStore = KeyStore.getInstance(str);
                keyStore.load(null, null);
                this.mKeyStores.add(keyStore);
            } catch (Exception e) {
                Log.e(TAG, "Unable to load KeyStore: " + str);
                e.printStackTrace();
            }
        }
    }

    private void fetchCertificates(Hashtable<String, X509Certificate> hashtable, KeyStore keyStore) {
        try {
            hashtable.put("user:ppca", (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream("-----BEGIN CERTIFICATE-----\nMIIHOjCCBSKgAwIBAgIJAOgzuXGrNVWFMA0GCSqGSIb3DQEBDQUAMIGQMQswCQYD\nVQQGEwJDSDEMMAoGA1UECBMDWnVnMQwwCgYDVQQHEwNadWcxGDAWBgNVBAoTD1Bl\ncmZlY3QgUHJpdmFjeTEhMB8GA1UEAxMYUGVyZmVjdCBQcml2YWN5IElQU0VDIENB\nMSgwJgYJKoZIhvcNAQkBFhlhZG1pbkBwZXJmZWN0LXByaXZhY3kuY29tMB4XDTE2\nMDQxMTIzMjU1NVoXDTI2MDQwOTIzMjU1NVowgZAxCzAJBgNVBAYTAkNIMQwwCgYD\nVQQIEwNadWcxDDAKBgNVBAcTA1p1ZzEYMBYGA1UEChMPUGVyZmVjdCBQcml2YWN5\nMSEwHwYDVQQDExhQZXJmZWN0IFByaXZhY3kgSVBTRUMgQ0ExKDAmBgkqhkiG9w0B\nCQEWGWFkbWluQHBlcmZlY3QtcHJpdmFjeS5jb20wggIiMA0GCSqGSIb3DQEBAQUA\nA4ICDwAwggIKAoICAQDHcIewTlU9SJN7GW7mUQpSkvPc6M8aOxrbUrgCEojLLgwX\nGNT3QhGmB3NUc+erR1RXF6T2XsPR9xtBUPKeSogyR4ifKXB8SlL+9MP45THw8fCw\n9qeQEy0eqMdtGU9R8K1wgbm9jstaDKkSBoU9zTQMo+kDbHP7190JyfeC5uG3u//A\nNPpwDs4MTHWEphiybZIt3z06ClunFNjheWTJZNSMckxCq/L+nEihUcrgtwf72+Lj\nfAoBtGRb0mp3PjoAfG9q46gwS19gwOeaK3Kq35tNFmsmr6gzCIbJiGtc9iqpgM7N\n1bEAxhkb9EkUC63gas4fZjqKv8e1H/KNwqRPK9TUyVMG1unaVUZcg4Mqxz4mOwRf\nHSVFsaHlh+Ss9CdY3b2vRwxvcm/g1JgjynSvm3GAE4QIEnVSko/cQyU0EfvFuFhF\nobPTUzKLLRtofn/RmWC9coYlvleLX23xOxzf5oCNym5i7ZecubeBGjsE7WMPaBaE\nl0I+D2xBwouMIiRYwAL1+tAAhyHsNheSrTeWKRj8Zy2gbI4aeCs4JZC15UINLtJD\nQhkfeBENRSyhKqATbYDnT1Uq3ju+xcDAcm9cavJH4iThWskmFtAxuzjNPTnJafaX\nYTyc7z59rWGG7RcSgLcMI1DyUN8P1ARx+ERFArdXim0jz9HIHlngACVpMctiZQID\nAQABo4IBkzCCAY8wHQYDVR0OBBYEFFzN7fVJPhS9C4MtrgSxbAo4am7vMIHFBgNV\nHSMEgb0wgbqAFFzN7fVJPhS9C4MtrgSxbAo4am7voYGWpIGTMIGQMQswCQYDVQQG\nEwJDSDEMMAoGA1UECBMDWnVnMQwwCgYDVQQHEwNadWcxGDAWBgNVBAoTD1BlcmZl\nY3QgUHJpdmFjeTEhMB8GA1UEAxMYUGVyZmVjdCBQcml2YWN5IElQU0VDIENBMSgw\nJgYJKoZIhvcNAQkBFhlhZG1pbkBwZXJmZWN0LXByaXZhY3kuY29tggkA6DO5cas1\nVYUwDAYDVR0TBAUwAwEB/zBKBglghkgBhvhCAQQEPRY7aHR0cDovL3d3dy5wZXJm\nZWN0LXByaXZhY3kuY29tL1BlcmZlY3RfUHJpdmFjeV9JUFNFQ19DQS5jcmwwTAYD\nVR0fBEUwQzBBoD+gPYY7aHR0cDovL3d3dy5wZXJmZWN0LXByaXZhY3kuY29tL1Bl\ncmZlY3RfUHJpdmFjeV9JUFNFQ19DQS5jcmwwDQYJKoZIhvcNAQENBQADggIBAGCr\nXDVQJxyN0w0CUPk1zqiq98uSR6Cm1xeixbdrU0z1VYcNWj0LSgbbju/XNyT+8zYu\nB+BodYyYKzFLLIuvzkYMecXXglCV5uwKQ9tzFv8GxRZruAw7Z7bcXxBDyayzrILt\nP2oe0Ljpoj0NnnuTbpqiYLpQfBQtdS5YJ+QSsKZUC7b+hFqbfy++LT/IkwAQciFT\nm2BkA9g7ObuvkufqNg0puRPhrIMsajQrLuU7AvAw63FZFyvM/4wvuwsA4O+6DGp8\ndUTqA3UynNRkQVeUxeZvqqsvbukGD95rXK3c+Li6Ftib5Usx/sQx9JS45Uk4n0AI\nyDUirsLudEkNPn8rpebFX65GAZC7hvys2wBFEbEKJIXBvLQiLy/XeAct0opylyBh\nsqipqKVyDXX2wvQRan6yhBnZsf9v/vr00ybdenYl1Vb0FKX2BLGU8VdydgbKr8gX\ndFT+oBpXp4Yet559UIvkUQE7bBt8X9H/VcTm73AvO5stquM4zcPZ4vR7/Btj7pfO\nr9qLJB26CcI1LdXO39/NmYcjAjSNbJVbpI4gnFJHK9YlITGBrLR2yhRtHdZD9zMW\n1kMdOaxxKnDMZHDOgJlvNaK7qMXSst04gRkGySIgUwHPPH85g5el4h1LP8i3EeXa\n2g2eH8ETgGeGN/j6D4CzmewtOi3BkqLdGSPma1Tz\n-----END CERTIFICATE-----".getBytes())));
        } catch (CertificateException e) {
            e.printStackTrace();
        }
    }

    public static TrustedCertificateManager getInstance() {
        return Singleton.mInstance;
    }

    private void loadCertificates() {
        Log.d(TAG, "Load cached CA certificates");
        Hashtable<String, X509Certificate> hashtable = new Hashtable<>();
        Iterator<KeyStore> it = this.mKeyStores.iterator();
        while (it.hasNext()) {
            fetchCertificates(hashtable, it.next());
        }
        this.mCACerts = hashtable;
        if (!this.mLoaded) {
            setChanged();
            notifyObservers();
            this.mLoaded = true;
        }
        Log.d(TAG, "Cached CA certificates loaded");
    }

    public Hashtable<String, X509Certificate> getAllCACertificates() {
        this.mLock.readLock().lock();
        Hashtable<String, X509Certificate> hashtable = (Hashtable) this.mCACerts.clone();
        this.mLock.readLock().unlock();
        return hashtable;
    }

    public X509Certificate getCACertificateFromAlias(String str) {
        if (this.mLock.readLock().tryLock()) {
            X509Certificate x509Certificate = this.mCACerts.get(str);
            this.mLock.readLock().unlock();
            return x509Certificate;
        }
        Iterator<KeyStore> it = this.mKeyStores.iterator();
        while (it.hasNext()) {
            try {
                Certificate certificate = it.next().getCertificate(str);
                if (certificate != null && (certificate instanceof X509Certificate)) {
                    return (X509Certificate) certificate;
                }
            } catch (KeyStoreException e) {
                e.printStackTrace();
            }
        }
        return null;
    }

    public Hashtable<String, X509Certificate> getCACertificates(TrustedCertificateSource trustedCertificateSource) {
        Hashtable<String, X509Certificate> hashtable = new Hashtable<>();
        this.mLock.readLock().lock();
        for (String str : this.mCACerts.keySet()) {
            if (str.startsWith(trustedCertificateSource.getPrefix())) {
                hashtable.put(str, this.mCACerts.get(str));
            }
        }
        this.mLock.readLock().unlock();
        return hashtable;
    }

    public TrustedCertificateManager load() {
        Log.d(TAG, "Ensure cached CA certificates are loaded");
        this.mLock.writeLock().lock();
        if (!this.mLoaded || this.mReload) {
            this.mReload = false;
            loadCertificates();
        }
        this.mLock.writeLock().unlock();
        return this;
    }

    public TrustedCertificateManager reset() {
        Log.d(TAG, "Force reload of cached CA certificates on next load");
        this.mReload = true;
        setChanged();
        notifyObservers();
        return this;
    }
}
