package org.kontalk.util;

import android.content.Context;
import android.os.Build;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.kontalk.R;
import org.kontalk.crypto.PGP;

/* loaded from: classes.dex */
public class InternalTrustStore {
    private static boolean sInitialized;
    private static KeyStore sTrustStore;

    public static KeyStore getTrustStore(Context context) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        if (sTrustStore == null) {
            sTrustStore = KeyStore.getInstance("BKS", PGP.PROVIDER);
            sTrustStore.load(context.getResources().openRawResource(R.raw.truststore), "changeit".toCharArray());
            KeyStore loadSystemTrustStore = loadSystemTrustStore();
            Enumeration<String> aliases = loadSystemTrustStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Certificate certificate = loadSystemTrustStore.getCertificate(nextElement);
                if (sTrustStore.containsAlias(nextElement)) {
                    nextElement = "system_" + nextElement;
                }
                sTrustStore.setCertificateEntry(nextElement, certificate);
            }
        }
        return sTrustStore;
    }

    public static void initUrlConnections(Context context) throws NoSuchAlgorithmException, CertificateException, KeyStoreException, IOException, KeyManagementException {
        if (sInitialized) {
            return;
        }
        sInitialized = true;
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(getTrustStore(context));
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, trustManagers, null);
        HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
    }

    private static KeyStore loadSystemTrustStore() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        if (Build.VERSION.SDK_INT >= 14) {
            KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
            keyStore.load(null, null);
            return keyStore;
        }
        KeyStore keyStore2 = KeyStore.getInstance("BKS");
        String property = System.getProperty("javax.net.ssl.trustStore");
        if (property == null) {
            property = System.getProperty("java.home") + File.separator + "etc" + File.separator + "security" + File.separator + "cacerts.bks";
        }
        keyStore2.load(new FileInputStream(property), null);
        return keyStore2;
    }
}
