package com.commonsware.cwac.netsecurity.config;

import com.commonsware.cwac.netsecurity.conscrypt.Hex;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;

/* loaded from: classes10.dex */
abstract class a implements CertificateSource {

    /* renamed from: a, reason: collision with root package name */
    private final File f3698a;

    /* renamed from: b, reason: collision with root package name */
    private final Object f3699b = new Object();

    /* renamed from: c, reason: collision with root package name */
    private final CertificateFactory f3700c;
    private HashSet d;

    /* renamed from: com.commonsware.cwac.netsecurity.config.a$a, reason: collision with other inner class name */
    /* loaded from: classes10.dex */
    final class C0110a implements c {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ X509Certificate f3701a;

        C0110a(X509Certificate x509Certificate) {
            this.f3701a = x509Certificate;
        }

        @Override // com.commonsware.cwac.netsecurity.config.a.c
        public final boolean a(X509Certificate x509Certificate) {
            return x509Certificate.getPublicKey().equals(this.f3701a.getPublicKey());
        }
    }

    /* loaded from: classes10.dex */
    final class b implements c {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ X509Certificate f3702a;

        b(X509Certificate x509Certificate) {
            this.f3702a = x509Certificate;
        }

        @Override // com.commonsware.cwac.netsecurity.config.a.c
        public final boolean a(X509Certificate x509Certificate) {
            try {
                this.f3702a.verify(x509Certificate.getPublicKey());
                return true;
            } catch (Exception unused) {
                return false;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes10.dex */
    public interface c {
        boolean a(X509Certificate x509Certificate);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public a(File file) {
        this.f3698a = file;
        try {
            this.f3700c = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e) {
            throw new RuntimeException("Failed to obtain X.509 CertificateFactory", e);
        }
    }

    public static int X509_NAME_hash_old(X500Principal x500Principal) {
        try {
            byte[] digest = MessageDigest.getInstance(MessageDigestAlgorithms.MD5).digest(x500Principal.getEncoded());
            return ((digest[3] & 255) << 24) | (digest[0] & 255) | ((digest[1] & 255) << 8) | ((digest[2] & 255) << 16);
        } catch (NoSuchAlgorithmException e) {
            throw new AssertionError(e);
        }
    }

    private X509Certificate a(X500Principal x500Principal, c cVar) {
        String intToHexString = Hex.intToHexString(X509_NAME_hash_old(x500Principal), 8);
        for (int i = 0; i >= 0; i++) {
            String str = intToHexString + "." + i;
            if (!new File(this.f3698a, str).exists()) {
                return null;
            }
            if (!isCertMarkedAsRemoved(str)) {
                X509Certificate b3 = b(str);
                if (x500Principal.equals(b3.getSubjectX500Principal()) && cVar.a(b3)) {
                    return b3;
                }
            }
        }
        return null;
    }

    private X509Certificate b(String str) {
        BufferedInputStream bufferedInputStream;
        BufferedInputStream bufferedInputStream2 = null;
        try {
            bufferedInputStream = new BufferedInputStream(new FileInputStream(new File(this.f3698a, str)));
            try {
                X509Certificate x509Certificate = (X509Certificate) this.f3700c.generateCertificate(bufferedInputStream);
                try {
                    bufferedInputStream.close();
                } catch (RuntimeException e) {
                    throw e;
                } catch (Exception unused) {
                }
                return x509Certificate;
            } catch (IOException | CertificateException unused2) {
                if (bufferedInputStream != null) {
                    try {
                        bufferedInputStream.close();
                    } catch (RuntimeException e5) {
                        throw e5;
                    } catch (Exception unused3) {
                    }
                }
                return null;
            } catch (Throwable th) {
                th = th;
                bufferedInputStream2 = bufferedInputStream;
                if (bufferedInputStream2 != null) {
                    try {
                        bufferedInputStream2.close();
                    } catch (RuntimeException e6) {
                        throw e6;
                    } catch (Exception unused4) {
                    }
                }
                throw th;
            }
        } catch (IOException | CertificateException unused5) {
            bufferedInputStream = null;
        } catch (Throwable th2) {
            th = th2;
        }
    }

    @Override // com.commonsware.cwac.netsecurity.config.CertificateSource
    public Set<X509Certificate> findAllByIssuerAndSignature(X509Certificate x509Certificate) {
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        String intToHexString = Hex.intToHexString(X509_NAME_hash_old(issuerX500Principal), 8);
        HashSet hashSet = null;
        for (int i = 0; i >= 0; i++) {
            String str = intToHexString + "." + i;
            if (!new File(this.f3698a, str).exists()) {
                break;
            }
            if (!isCertMarkedAsRemoved(str)) {
                X509Certificate b3 = b(str);
                if (issuerX500Principal.equals(b3.getSubjectX500Principal())) {
                    try {
                        x509Certificate.verify(b3.getPublicKey());
                        if (hashSet == null) {
                            hashSet = new HashSet();
                        }
                        hashSet.add(b3);
                    } catch (Exception unused) {
                    }
                }
            }
        }
        return hashSet != null ? hashSet : Collections.emptySet();
    }

    @Override // com.commonsware.cwac.netsecurity.config.CertificateSource
    public X509Certificate findByIssuerAndSignature(X509Certificate x509Certificate) {
        return a(x509Certificate.getIssuerX500Principal(), new b(x509Certificate));
    }

    @Override // com.commonsware.cwac.netsecurity.config.CertificateSource
    public X509Certificate findBySubjectAndPublicKey(X509Certificate x509Certificate) {
        return a(x509Certificate.getSubjectX500Principal(), new C0110a(x509Certificate));
    }

    @Override // com.commonsware.cwac.netsecurity.config.CertificateSource
    public Set<X509Certificate> getCertificates() {
        X509Certificate b3;
        synchronized (this.f3699b) {
            try {
                HashSet hashSet = this.d;
                if (hashSet != null) {
                    return hashSet;
                }
                HashSet hashSet2 = new HashSet();
                if (this.f3698a.isDirectory()) {
                    for (String str : this.f3698a.list()) {
                        if (!isCertMarkedAsRemoved(str) && (b3 = b(str)) != null) {
                            hashSet2.add(b3);
                        }
                    }
                }
                this.d = hashSet2;
                return hashSet2;
            } catch (Throwable th) {
                throw th;
            }
        }
    }

    @Override // com.commonsware.cwac.netsecurity.config.CertificateSource
    public void handleTrustStorageUpdate() {
        synchronized (this.f3699b) {
            this.d = null;
        }
    }

    protected abstract boolean isCertMarkedAsRemoved(String str);
}
