package sun.security;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import sun.security.x509.X500Name;

/* loaded from: input_file:sun/security/SimpleTrustDecider.class */
public final class SimpleTrustDecider implements TrustDecider, AliasChooser {
    private long timestamp;
    private File filename;
    private Hashtable certs;
    private CertFileManager manager;
    private boolean useDefaults;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:sun/security/SimpleTrustDecider$Entry.class */
    public class Entry {
        private final SimpleTrustDecider this$0;
        X509Certificate certificate;

        Entry(SimpleTrustDecider simpleTrustDecider, X509Certificate x509Certificate) {
            this.this$0 = simpleTrustDecider;
            this.this$0 = simpleTrustDecider;
            this.certificate = x509Certificate;
        }

        Entry(SimpleTrustDecider simpleTrustDecider, X509Certificate x509Certificate, String str) {
            this.this$0 = simpleTrustDecider;
            this.this$0 = simpleTrustDecider;
            this.certificate = x509Certificate;
        }

        public int hashCode() {
            return this.certificate.hashCode();
        }

        public boolean equals(Object obj) {
            return this.certificate.equals(obj);
        }
    }

    public SimpleTrustDecider(File file) throws IOException {
        this.useDefaults = true;
        this.filename = file;
        this.manager = new CertFileManager(this.filename, AuthContext.getDefault(), AuthContext.getPassphraseIndex());
        try {
            load();
            this.useDefaults = false;
        } catch (FileNotFoundException unused) {
            useDefaults(true);
        }
    }

    public SimpleTrustDecider() throws IOException {
        this.useDefaults = true;
        useDefaults(true);
    }

    private void useDefaults(boolean z) throws IOException {
        if (this.certs == null) {
            this.certs = new Hashtable();
        }
        X509Certificate[] certs = VeriSign.getCerts();
        for (int i = 0; i < certs.length; i++) {
            this.certs.put(certs[i], new Entry(this, certs[i]));
            if (!z) {
                this.manager.setCertificate(certs[i], certs[i].getIssuerDN().toString(), null);
            }
        }
        if (z) {
            return;
        }
        store();
    }

    private void load() throws IOException {
        long currentTimeMillis = System.currentTimeMillis();
        Hashtable hashtable = new Hashtable();
        new FileInputStream(this.filename);
        this.manager.load();
        X509Certificate[] allCertificates = this.manager.getAllCertificates();
        for (int i = 0; i < allCertificates.length; i++) {
            hashtable.put(allCertificates[i], new Entry(this, allCertificates[i]));
        }
        this.timestamp = currentTimeMillis;
        this.certs = hashtable;
    }

    private void refresh() throws IOException {
        if (this.useDefaults || this.filename == null || this.timestamp >= this.filename.lastModified()) {
            return;
        }
        load();
    }

    private void store() throws IOException {
        this.manager.save();
    }

    @Override // sun.security.TrustDecider
    public boolean isTrustedFor(X509Certificate[] x509CertificateArr, String str, Date date) {
        X509Certificate x509Certificate;
        Entry entry = null;
        if (!str.equals("channel") && !str.equals("codesigning")) {
            return false;
        }
        try {
            refresh();
        } catch (IOException unused) {
        }
        for (int i = 0; i < x509CertificateArr.length; i++) {
            try {
                x509CertificateArr[i].checkValidity(date);
                Entry entry2 = (Entry) this.certs.get(x509CertificateArr[i]);
                entry = entry2;
                if (entry2 != null) {
                    break;
                }
                X500Name x500Name = (X500Name) x509CertificateArr[i].getIssuerDN();
                if (i + 1 != x509CertificateArr.length) {
                    x509Certificate = x509CertificateArr[i + 1];
                    if (!x500Name.equals(x509Certificate.getSubjectDN())) {
                        return false;
                    }
                } else {
                    entry = lookup(x500Name);
                    if (entry == null) {
                        return false;
                    }
                    x509Certificate = entry.certificate;
                }
                if (x509Certificate == null) {
                    return false;
                }
                try {
                    x509CertificateArr[i].verify(x509Certificate.getPublicKey());
                } catch (Exception e) {
                    e.printStackTrace();
                    return false;
                }
            } catch (Exception unused2) {
                return false;
            }
        }
        return entry != null;
    }

    public void declareTrustFor(X509Certificate x509Certificate, String str) throws IOException {
        refresh();
        this.certs.put(x509Certificate, new Entry(this, x509Certificate, str));
        if (this.useDefaults) {
            return;
        }
        this.manager.setCertificate(x509Certificate, x509Certificate.getSubjectDN().toString(), null);
        store();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void declareDefaultTrustFor(X509Certificate x509Certificate, String str) {
        if (this.useDefaults) {
            this.certs.put(x509Certificate, new Entry(this, x509Certificate, str));
        }
    }

    private Entry lookup(X500Name x500Name) {
        Enumeration elements = this.certs.elements();
        while (elements.hasMoreElements()) {
            Entry entry = (Entry) elements.nextElement();
            if (entry.certificate.getSubjectDN().equals(x500Name)) {
                return entry;
            }
        }
        return null;
    }

    @Override // sun.security.TrustDecider
    public X509Certificate[] getAcceptedCAs(String str) {
        Vector vector = new Vector();
        Enumeration elements = this.certs.elements();
        while (elements.hasMoreElements()) {
            vector.addElement(((Entry) elements.nextElement()).certificate);
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[vector.size()];
        for (int i = 0; i < x509CertificateArr.length; i++) {
            x509CertificateArr[i] = (X509Certificate) vector.elementAt(i);
        }
        return x509CertificateArr;
    }

    @Override // sun.security.AliasChooser
    public String chooseCertificateAlias(String str, Hashtable hashtable, X509Certificate[] x509CertificateArr) {
        Date date = new Date();
        Enumeration keys = hashtable.keys();
        while (keys.hasMoreElements()) {
            String str2 = (String) keys.nextElement();
            if (!isTrustedFor((X509Certificate[]) hashtable.get(str2), str, date)) {
                hashtable.remove(str2);
            }
        }
        return (String) hashtable.keys().nextElement();
    }

    public Enumeration getTrustedCertificates() {
        return this.certs.keys();
    }
}
