package com.commonsware.cwac.netsecurity.config;

import com.commonsware.cwac.netsecurity.conscrypt.Hex;
import com.moji.skinshop.util.CertificateCoder;
import com.moji.tool.FileTool;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import kotlin.UByte;

/* loaded from: classes.dex */
abstract class DirectoryCertificateSource implements CertificateSource {
    private final File a;
    private final Object b = new Object();
    private final CertificateFactory c;
    private Set<X509Certificate> d;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public interface CertSelector {
        boolean a(X509Certificate x509Certificate);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public DirectoryCertificateSource(File file) {
        this.a = file;
        try {
            this.c = CertificateFactory.getInstance(CertificateCoder.X509);
        } catch (CertificateException e) {
            throw new RuntimeException("Failed to obtain X.509 CertificateFactory", e);
        }
    }

    public static int X509_NAME_hash_old(X500Principal x500Principal) {
        return a(x500Principal, "MD5");
    }

    private static int a(X500Principal x500Principal, String str) {
        try {
            byte[] digest = MessageDigest.getInstance(str).digest(x500Principal.getEncoded());
            return ((digest[3] & UByte.MAX_VALUE) << 24) | ((digest[1] & UByte.MAX_VALUE) << 8) | ((digest[0] & UByte.MAX_VALUE) << 0) | ((digest[2] & UByte.MAX_VALUE) << 16);
        } catch (NoSuchAlgorithmException e) {
            throw new AssertionError(e);
        }
    }

    private String a(X500Principal x500Principal) {
        return Hex.intToHexString(X509_NAME_hash_old(x500Principal), 8);
    }

    private X509Certificate a(String str) {
        BufferedInputStream bufferedInputStream;
        BufferedInputStream bufferedInputStream2 = null;
        try {
            bufferedInputStream = new BufferedInputStream(new FileInputStream(new File(this.a, str)));
            try {
                X509Certificate x509Certificate = (X509Certificate) this.c.generateCertificate(bufferedInputStream);
                try {
                    bufferedInputStream.close();
                } catch (RuntimeException e) {
                    throw e;
                } catch (Exception unused) {
                }
                return x509Certificate;
            } catch (IOException | CertificateException unused2) {
                if (bufferedInputStream != null) {
                    try {
                        bufferedInputStream.close();
                    } catch (RuntimeException e2) {
                        throw e2;
                    } catch (Exception unused3) {
                    }
                }
                return null;
            } catch (Throwable th) {
                th = th;
                bufferedInputStream2 = bufferedInputStream;
                if (bufferedInputStream2 != null) {
                    try {
                        bufferedInputStream2.close();
                    } catch (RuntimeException e3) {
                        throw e3;
                    } catch (Exception unused4) {
                    }
                }
                throw th;
            }
        } catch (IOException | CertificateException unused5) {
            bufferedInputStream = null;
        } catch (Throwable th2) {
            th = th2;
        }
    }

    private Set<X509Certificate> a(X500Principal x500Principal, CertSelector certSelector) {
        String a = a(x500Principal);
        HashSet hashSet = null;
        for (int i = 0; i >= 0; i++) {
            String str = a + FileTool.FILE_EXTENSION_SEPARATOR + i;
            if (!new File(this.a, str).exists()) {
                break;
            }
            if (!isCertMarkedAsRemoved(str)) {
                X509Certificate a2 = a(str);
                if (x500Principal.equals(a2.getSubjectX500Principal()) && certSelector.a(a2)) {
                    if (hashSet == null) {
                        hashSet = new HashSet();
                    }
                    hashSet.add(a2);
                }
            }
        }
        return hashSet != null ? hashSet : Collections.emptySet();
    }

    private X509Certificate b(X500Principal x500Principal, CertSelector certSelector) {
        String a = a(x500Principal);
        for (int i = 0; i >= 0; i++) {
            String str = a + FileTool.FILE_EXTENSION_SEPARATOR + i;
            if (!new File(this.a, str).exists()) {
                return null;
            }
            if (!isCertMarkedAsRemoved(str)) {
                X509Certificate a2 = a(str);
                if (x500Principal.equals(a2.getSubjectX500Principal()) && certSelector.a(a2)) {
                    return a2;
                }
            }
        }
        return null;
    }

    @Override // com.commonsware.cwac.netsecurity.config.CertificateSource
    public Set<X509Certificate> findAllByIssuerAndSignature(final X509Certificate x509Certificate) {
        return a(x509Certificate.getIssuerX500Principal(), new CertSelector() { // from class: com.commonsware.cwac.netsecurity.config.DirectoryCertificateSource.3
            @Override // com.commonsware.cwac.netsecurity.config.DirectoryCertificateSource.CertSelector
            public boolean a(X509Certificate x509Certificate2) {
                try {
                    x509Certificate.verify(x509Certificate2.getPublicKey());
                    return true;
                } catch (Exception unused) {
                    return false;
                }
            }
        });
    }

    @Override // com.commonsware.cwac.netsecurity.config.CertificateSource
    public X509Certificate findByIssuerAndSignature(final X509Certificate x509Certificate) {
        return b(x509Certificate.getIssuerX500Principal(), new CertSelector() { // from class: com.commonsware.cwac.netsecurity.config.DirectoryCertificateSource.2
            @Override // com.commonsware.cwac.netsecurity.config.DirectoryCertificateSource.CertSelector
            public boolean a(X509Certificate x509Certificate2) {
                try {
                    x509Certificate.verify(x509Certificate2.getPublicKey());
                    return true;
                } catch (Exception unused) {
                    return false;
                }
            }
        });
    }

    @Override // com.commonsware.cwac.netsecurity.config.CertificateSource
    public X509Certificate findBySubjectAndPublicKey(final X509Certificate x509Certificate) {
        return b(x509Certificate.getSubjectX500Principal(), new CertSelector() { // from class: com.commonsware.cwac.netsecurity.config.DirectoryCertificateSource.1
            @Override // com.commonsware.cwac.netsecurity.config.DirectoryCertificateSource.CertSelector
            public boolean a(X509Certificate x509Certificate2) {
                return x509Certificate2.getPublicKey().equals(x509Certificate.getPublicKey());
            }
        });
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // com.commonsware.cwac.netsecurity.config.CertificateSource
    public Set<X509Certificate> getCertificates() {
        X509Certificate a;
        synchronized (this.b) {
            if (this.d != null) {
                return this.d;
            }
            HashSet hashSet = new HashSet();
            if (this.a.isDirectory()) {
                for (String str : this.a.list()) {
                    if (!isCertMarkedAsRemoved(str) && (a = a(str)) != null) {
                        hashSet.add(a);
                    }
                }
            }
            this.d = hashSet;
            return this.d;
        }
    }

    @Override // com.commonsware.cwac.netsecurity.config.CertificateSource
    public void handleTrustStorageUpdate() {
        synchronized (this.b) {
            this.d = null;
        }
    }

    protected abstract boolean isCertMarkedAsRemoved(String str);
}
