package eu.siacs.conversations.services;

import android.app.Application;
import android.app.NotificationManager;
import android.app.Service;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.Build;
import android.os.Handler;
import android.util.Base64;
import android.util.Log;
import android.util.SparseArray;
import androidx.appcompat.app.AppCompatActivity;
import androidx.core.util.Consumer;
import com.google.common.base.Joiner;
import com.google.common.base.Preconditions;
import de.monocles.chat.R;
import eu.siacs.conversations.crypto.BundledTrustManager;
import eu.siacs.conversations.crypto.CombiningTrustManager;
import eu.siacs.conversations.crypto.TrustManagers;
import eu.siacs.conversations.crypto.XmppDomainVerifier;
import eu.siacs.conversations.entities.MTMDecision;
import eu.siacs.conversations.persistance.FileBackend;
import eu.siacs.conversations.ui.MemorizingActivity;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Enumeration;
import java.util.Locale;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
import org.minidns.dane.DaneVerifier;

/* loaded from: classes5.dex */
public class MemorizingTrustManager {
    static final String DECISION_INTENT = "de.duenndns.ssl.DECISION";
    public static final String DECISION_INTENT_CERT = "de.duenndns.ssl.DECISION.cert";
    public static final String DECISION_INTENT_ID = "de.duenndns.ssl.DECISION.decisionId";
    public static final String DECISION_TITLE_ID = "de.duenndns.ssl.DECISION.titleId";
    static final String NO_TRUST_ANCHOR = "Trust anchor for certification path not found.";
    private KeyStore appKeyStore;
    private X509TrustManager appTrustManager;
    private final DaneVerifier daneVerifier;
    private final X509TrustManager defaultTrustManager;
    AppCompatActivity foregroundAct;
    private File keyStoreFile;
    Context master;
    Handler masterHandler;
    NotificationManager notificationManager;
    private static final SimpleDateFormat DATE_FORMAT = new SimpleDateFormat("yyyy-MM-dd", Locale.US);
    private static final Pattern PATTERN_IPV4 = Pattern.compile("\\A(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}\\z");
    private static final Pattern PATTERN_IPV6_HEX4DECCOMPRESSED = Pattern.compile("\\A((?:[0-9A-Fa-f]{1,4}(?::[0-9A-Fa-f]{1,4})*)?) ::((?:[0-9A-Fa-f]{1,4}:)*)(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}\\z");
    private static final Pattern PATTERN_IPV6_6HEX4DEC = Pattern.compile("\\A((?:[0-9A-Fa-f]{1,4}:){6,6})(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}\\z");
    private static final Pattern PATTERN_IPV6_HEXCOMPRESSED = Pattern.compile("\\A((?:[0-9A-Fa-f]{1,4}(?::[0-9A-Fa-f]{1,4})*)?)::((?:[0-9A-Fa-f]{1,4}(?::[0-9A-Fa-f]{1,4})*)?)\\z");
    private static final Pattern PATTERN_IPV6 = Pattern.compile("\\A(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}\\z");
    private static final Logger LOGGER = Logger.getLogger(MemorizingTrustManager.class.getName());
    static String KEYSTORE_DIR = "KeyStore";
    static String KEYSTORE_FILE = "KeyStore.bks";
    private static int decisionId = 0;
    private static final SparseArray<MTMDecision> openDecisions = new SparseArray<>();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes5.dex */
    public class InteractiveMemorizingTrustManager implements X509TrustManager {
        private final Consumer<Boolean> daneCb;
        private final String domain;
        private final int port;
        private final String verifiedHostname;

        public InteractiveMemorizingTrustManager(String str, String str2, int i, Consumer<Boolean> consumer) {
            this.domain = str;
            this.verifiedHostname = str2;
            this.port = i;
            this.daneCb = consumer;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            MemorizingTrustManager.this.checkCertTrusted(x509CertificateArr, str, this.domain, false, true, this.verifiedHostname, this.port, this.daneCb);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            MemorizingTrustManager.this.checkCertTrusted(x509CertificateArr, str, this.domain, true, true, this.verifiedHostname, this.port, this.daneCb);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return MemorizingTrustManager.this.getAcceptedIssuers();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes5.dex */
    public class NonInteractiveMemorizingTrustManager implements X509TrustManager {
        private final Consumer<Boolean> daneCb;
        private final String domain;
        private final int port;
        private final String verifiedHostname;

        public NonInteractiveMemorizingTrustManager(String str, String str2, int i, Consumer<Boolean> consumer) {
            this.domain = str;
            this.verifiedHostname = str2;
            this.port = i;
            this.daneCb = consumer;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            MemorizingTrustManager.this.checkCertTrusted(x509CertificateArr, str, this.domain, false, false, this.verifiedHostname, this.port, this.daneCb);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            MemorizingTrustManager.this.checkCertTrusted(x509CertificateArr, str, this.domain, true, false, this.verifiedHostname, this.port, this.daneCb);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return MemorizingTrustManager.this.getAcceptedIssuers();
        }
    }

    public MemorizingTrustManager(Context context) {
        init(context);
        this.appTrustManager = getTrustManager(this.appKeyStore);
        this.daneVerifier = new DaneVerifier();
        try {
            if (Build.VERSION.SDK_INT <= 24) {
                this.defaultTrustManager = defaultWithBundledLetsEncrypt(context);
            } else {
                this.defaultTrustManager = TrustManagers.createDefaultTrustManager();
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new RuntimeException(e);
        }
    }

    public MemorizingTrustManager(Context context, X509TrustManager x509TrustManager) {
        init(context);
        this.appTrustManager = getTrustManager(this.appKeyStore);
        this.defaultTrustManager = x509TrustManager;
        this.daneVerifier = new DaneVerifier();
    }

    private String certChainMessage(X509Certificate[] x509CertificateArr, CertificateException certificateException) {
        LOGGER.log(Level.FINE, "certChainMessage for " + certificateException);
        StringBuffer stringBuffer = new StringBuffer();
        if (certificateException.getCause() != null) {
            Throwable cause = certificateException.getCause();
            if (NO_TRUST_ANCHOR.equals(cause.getMessage())) {
                stringBuffer.append(this.master.getString(R.string.mtm_trust_anchor));
            } else {
                stringBuffer.append(cause.getLocalizedMessage());
            }
            stringBuffer.append("\n");
        }
        stringBuffer.append("\n");
        stringBuffer.append(this.master.getString(R.string.mtm_connect_anyway));
        stringBuffer.append("\n\n");
        stringBuffer.append(this.master.getString(R.string.mtm_cert_details));
        stringBuffer.append('\n');
        int i = 0;
        while (i < x509CertificateArr.length) {
            certDetails(stringBuffer, x509CertificateArr[i], i == 0);
            i++;
        }
        return stringBuffer.toString();
    }

    private void certDetails(StringBuffer stringBuffer, X509Certificate x509Certificate, boolean z) {
        stringBuffer.append("\n");
        if (z) {
            try {
                stringBuffer.append("Valid for: ");
                stringBuffer.append(Joiner.on(", ").join(XmppDomainVerifier.parseValidDomains(x509Certificate).all()));
            } catch (CertificateParsingException unused) {
                stringBuffer.append("Unable to parse Certificate");
            }
            stringBuffer.append("\n");
        } else {
            stringBuffer.append(x509Certificate.getSubjectDN());
        }
        stringBuffer.append("\n");
        SimpleDateFormat simpleDateFormat = DATE_FORMAT;
        stringBuffer.append(simpleDateFormat.format(x509Certificate.getNotBefore()));
        stringBuffer.append(" - ");
        stringBuffer.append(simpleDateFormat.format(x509Certificate.getNotAfter()));
        stringBuffer.append("\nSHA-256: ");
        stringBuffer.append(certHash(x509Certificate, "SHA-256"));
        stringBuffer.append("\nSHA-1: ");
        stringBuffer.append(certHash(x509Certificate, McElieceCCA2KeyGenParameterSpec.SHA1));
        stringBuffer.append("\nSigned by: ");
        stringBuffer.append(x509Certificate.getIssuerDN().toString());
        stringBuffer.append("\n");
    }

    private static String certHash(X509Certificate x509Certificate, String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(x509Certificate.getEncoded());
            return hexString(messageDigest.digest());
        } catch (NoSuchAlgorithmException | CertificateEncodingException e) {
            return e.getMessage();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void checkCertTrusted(X509Certificate[] x509CertificateArr, String str, String str2, boolean z, boolean z2, String str3, int i, Consumer<Boolean> consumer) throws CertificateException {
        Logger logger = LOGGER;
        logger.log(Level.FINE, "checkCertTrusted(" + x509CertificateArr + ", " + str + ", " + z + ")");
        try {
            logger.log(Level.FINE, "checkCertTrusted: trying appTrustManager");
            if (!z) {
                this.appTrustManager.checkClientTrusted(x509CertificateArr, str);
                return;
            }
            if (str3 != null) {
                try {
                    try {
                        if (this.daneVerifier.verifyCertificateChain(x509CertificateArr, str3, i)) {
                            if (consumer != null) {
                                consumer.accept(true);
                                return;
                            }
                            return;
                        }
                    } catch (CertificateException e) {
                        Log.d("monocles chat", "checkCertTrusted DANE failure: " + e);
                        throw e;
                    }
                } catch (Throwable th) {
                    Log.d("monocles chat", "checkCertTrusted DANE related failure: " + th);
                }
            }
            this.appTrustManager.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e2) {
            Logger logger2 = LOGGER;
            logger2.log(Level.FINER, "checkCertTrusted: appTrustManager failed", (Throwable) e2);
            if (isCertKnown(x509CertificateArr[0])) {
                logger2.log(Level.INFO, "checkCertTrusted: accepting cert already stored in keystore");
                return;
            }
            try {
                if (this.defaultTrustManager == null) {
                    throw e2;
                }
                logger2.log(Level.FINE, "checkCertTrusted: trying defaultTrustManager");
                if (z) {
                    this.defaultTrustManager.checkServerTrusted(x509CertificateArr, str);
                } else {
                    this.defaultTrustManager.checkClientTrusted(x509CertificateArr, str);
                }
            } catch (CertificateException e3) {
                if (!z2) {
                    throw e3;
                }
                interactCert(x509CertificateArr, str, e3);
            }
        }
    }

    private int createDecisionId(MTMDecision mTMDecision) {
        int i;
        SparseArray<MTMDecision> sparseArray = openDecisions;
        synchronized (sparseArray) {
            i = decisionId;
            sparseArray.put(i, mTMDecision);
            decisionId++;
        }
        return i;
    }

    private static X509TrustManager defaultWithBundledLetsEncrypt(Context context) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException {
        return CombiningTrustManager.combineWithDefault(BundledTrustManager.builder().loadKeyStore(context.getResources().openRawResource(R.raw.letsencrypt), "letsencrypt").build());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public X509Certificate[] getAcceptedIssuers() {
        X509TrustManager x509TrustManager = this.defaultTrustManager;
        return x509TrustManager == null ? new X509Certificate[0] : x509TrustManager.getAcceptedIssuers();
    }

    private static String getBase64Hash(X509Certificate x509Certificate, String str) throws CertificateEncodingException {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(x509Certificate.getEncoded());
            return Base64.encodeToString(messageDigest.digest(), 2);
        } catch (NoSuchAlgorithmException unused) {
            return null;
        }
    }

    private X509TrustManager getTrustManager(KeyStore keyStore) {
        Preconditions.checkNotNull(keyStore);
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init(keyStore);
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    return (X509TrustManager) trustManager;
                }
            }
            return null;
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "getTrustManager(" + keyStore + ")", (Throwable) e);
            return null;
        }
    }

    private static String hexString(byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < bArr.length; i++) {
            stringBuffer.append(String.format("%02x", Byte.valueOf(bArr[i])));
            if (i < bArr.length - 1) {
                stringBuffer.append(":");
            }
        }
        return stringBuffer.toString();
    }

    public static void interactResult(int i, int i2) {
        MTMDecision mTMDecision;
        SparseArray<MTMDecision> sparseArray = openDecisions;
        synchronized (sparseArray) {
            mTMDecision = sparseArray.get(i);
            sparseArray.remove(i);
        }
        if (mTMDecision == null) {
            LOGGER.log(Level.SEVERE, "interactResult: aborting due to stale decision reference!");
            return;
        }
        synchronized (mTMDecision) {
            mTMDecision.state = i2;
            mTMDecision.notify();
        }
    }

    private boolean isCertKnown(X509Certificate x509Certificate) {
        try {
            return this.appKeyStore.getCertificateAlias(x509Certificate) != null;
        } catch (KeyStoreException unused) {
            return false;
        }
    }

    private static boolean isIp(String str) {
        return str != null && (PATTERN_IPV4.matcher(str).matches() || PATTERN_IPV6.matcher(str).matches() || PATTERN_IPV6_6HEX4DEC.matcher(str).matches() || PATTERN_IPV6_HEX4DECCOMPRESSED.matcher(str).matches() || PATTERN_IPV6_HEXCOMPRESSED.matcher(str).matches());
    }

    public void deleteCertificate(String str) throws KeyStoreException {
        this.appKeyStore.deleteEntry(str);
        keyStoreUpdated();
    }

    public Enumeration<String> getCertificates() {
        try {
            return this.appKeyStore.aliases();
        } catch (KeyStoreException e) {
            throw new RuntimeException(e);
        }
    }

    public X509TrustManager getInteractive() {
        return new InteractiveMemorizingTrustManager(null, null, 0, null);
    }

    public X509TrustManager getInteractive(String str, String str2, int i, Consumer<Boolean> consumer) {
        return new InteractiveMemorizingTrustManager(str, str2, i, consumer);
    }

    public X509TrustManager getNonInteractive() {
        return new NonInteractiveMemorizingTrustManager(null, null, 0, null);
    }

    public X509TrustManager getNonInteractive(String str, String str2, int i, Consumer<Boolean> consumer) {
        return new NonInteractiveMemorizingTrustManager(str, str2, i, consumer);
    }

    Context getUI() {
        AppCompatActivity appCompatActivity = this.foregroundAct;
        return appCompatActivity != null ? appCompatActivity : this.master;
    }

    void init(Context context) {
        Application application;
        this.master = context;
        this.masterHandler = new Handler(context.getMainLooper());
        this.notificationManager = (NotificationManager) this.master.getSystemService("notification");
        if (context instanceof Application) {
            application = (Application) context;
        } else if (context instanceof Service) {
            application = ((Service) context).getApplication();
        } else {
            if (!(context instanceof AppCompatActivity)) {
                throw new ClassCastException("MemorizingTrustManager context must be either Activity or Service!");
            }
            application = ((AppCompatActivity) context).getApplication();
        }
        this.keyStoreFile = new File(application.getDir(KEYSTORE_DIR, 0) + File.separator + KEYSTORE_FILE);
        this.appKeyStore = loadAppKeyStore();
    }

    int interact(final String str, final int i) {
        MTMDecision mTMDecision = new MTMDecision();
        final int createDecisionId = createDecisionId(mTMDecision);
        this.masterHandler.post(new Runnable() { // from class: eu.siacs.conversations.services.MemorizingTrustManager.1
            @Override // java.lang.Runnable
            public void run() {
                Intent intent = new Intent(MemorizingTrustManager.this.master, (Class<?>) MemorizingActivity.class);
                intent.setFlags(268435456);
                intent.setData(Uri.parse(MemorizingTrustManager.class.getName() + "/" + createDecisionId));
                intent.putExtra(MemorizingTrustManager.DECISION_INTENT_ID, createDecisionId);
                intent.putExtra(MemorizingTrustManager.DECISION_INTENT_CERT, str);
                intent.putExtra(MemorizingTrustManager.DECISION_TITLE_ID, i);
                try {
                    MemorizingTrustManager.this.getUI().startActivity(intent);
                } catch (Exception e) {
                    MemorizingTrustManager.LOGGER.log(Level.FINE, "startActivity(MemorizingActivity)", (Throwable) e);
                }
            }
        });
        LOGGER.log(Level.FINE, "openDecisions: " + openDecisions + ", waiting on " + createDecisionId);
        try {
            synchronized (mTMDecision) {
                mTMDecision.wait();
            }
        } catch (InterruptedException e) {
            LOGGER.log(Level.FINER, "InterruptedException", (Throwable) e);
        }
        LOGGER.log(Level.FINE, "finished wait on " + createDecisionId + ": " + mTMDecision.state);
        return mTMDecision.state;
    }

    void interactCert(X509Certificate[] x509CertificateArr, String str, CertificateException certificateException) throws CertificateException {
        int interact = interact(certChainMessage(x509CertificateArr, certificateException), R.string.mtm_accept_cert);
        if (interact != 2) {
            if (interact != 3) {
                throw certificateException;
            }
            storeCert(x509CertificateArr[0]);
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:30:0x0075 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    void keyStoreUpdated() {
        /*
            r9 = this;
            java.lang.String r0 = ")"
            java.lang.String r1 = "storeCert("
            java.security.KeyStore r2 = r9.appKeyStore
            javax.net.ssl.X509TrustManager r2 = r9.getTrustManager(r2)
            r9.appTrustManager = r2
            r2 = 0
            java.io.FileOutputStream r3 = new java.io.FileOutputStream     // Catch: java.lang.Throwable -> L3f java.lang.Exception -> L44
            java.io.File r4 = r9.keyStoreFile     // Catch: java.lang.Throwable -> L3f java.lang.Exception -> L44
            r3.<init>(r4)     // Catch: java.lang.Throwable -> L3f java.lang.Exception -> L44
            java.security.KeyStore r2 = r9.appKeyStore     // Catch: java.lang.Exception -> L3d java.lang.Throwable -> L72
            java.lang.String r4 = "MTM"
            char[] r4 = r4.toCharArray()     // Catch: java.lang.Exception -> L3d java.lang.Throwable -> L72
            r2.store(r3, r4)     // Catch: java.lang.Exception -> L3d java.lang.Throwable -> L72
            r3.close()     // Catch: java.io.IOException -> L23
            goto L71
        L23:
            r2 = move-exception
            java.util.logging.Logger r3 = eu.siacs.conversations.services.MemorizingTrustManager.LOGGER
            java.util.logging.Level r4 = java.util.logging.Level.SEVERE
            java.lang.StringBuilder r5 = new java.lang.StringBuilder
            r5.<init>(r1)
        L2d:
            java.io.File r1 = r9.keyStoreFile
            r5.append(r1)
            r5.append(r0)
            java.lang.String r0 = r5.toString()
            r3.log(r4, r0, r2)
            goto L71
        L3d:
            r2 = move-exception
            goto L48
        L3f:
            r3 = move-exception
            r8 = r3
            r3 = r2
            r2 = r8
            goto L73
        L44:
            r3 = move-exception
            r8 = r3
            r3 = r2
            r2 = r8
        L48:
            java.util.logging.Logger r4 = eu.siacs.conversations.services.MemorizingTrustManager.LOGGER     // Catch: java.lang.Throwable -> L72
            java.util.logging.Level r5 = java.util.logging.Level.SEVERE     // Catch: java.lang.Throwable -> L72
            java.lang.StringBuilder r6 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L72
            r6.<init>(r1)     // Catch: java.lang.Throwable -> L72
            java.io.File r7 = r9.keyStoreFile     // Catch: java.lang.Throwable -> L72
            r6.append(r7)     // Catch: java.lang.Throwable -> L72
            r6.append(r0)     // Catch: java.lang.Throwable -> L72
            java.lang.String r6 = r6.toString()     // Catch: java.lang.Throwable -> L72
            r4.log(r5, r6, r2)     // Catch: java.lang.Throwable -> L72
            if (r3 == 0) goto L71
            r3.close()     // Catch: java.io.IOException -> L66
            goto L71
        L66:
            r2 = move-exception
            java.util.logging.Logger r3 = eu.siacs.conversations.services.MemorizingTrustManager.LOGGER
            java.util.logging.Level r4 = java.util.logging.Level.SEVERE
            java.lang.StringBuilder r5 = new java.lang.StringBuilder
            r5.<init>(r1)
            goto L2d
        L71:
            return
        L72:
            r2 = move-exception
        L73:
            if (r3 == 0) goto L92
            r3.close()     // Catch: java.io.IOException -> L79
            goto L92
        L79:
            r3 = move-exception
            java.util.logging.Logger r4 = eu.siacs.conversations.services.MemorizingTrustManager.LOGGER
            java.util.logging.Level r5 = java.util.logging.Level.SEVERE
            java.lang.StringBuilder r6 = new java.lang.StringBuilder
            r6.<init>(r1)
            java.io.File r1 = r9.keyStoreFile
            r6.append(r1)
            r6.append(r0)
            java.lang.String r0 = r6.toString()
            r4.log(r5, r0, r3)
        L92:
            throw r2
        */
        throw new UnsupportedOperationException("Method not decompiled: eu.siacs.conversations.services.MemorizingTrustManager.keyStoreUpdated():void");
    }

    KeyStore loadAppKeyStore() {
        FileInputStream fileInputStream;
        Exception e;
        FileInputStream fileInputStream2 = null;
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                try {
                    try {
                        keyStore.load(null, null);
                        fileInputStream = new FileInputStream(this.keyStoreFile);
                        try {
                            keyStore.load(fileInputStream, "MTM".toCharArray());
                        } catch (FileNotFoundException unused) {
                            fileInputStream2 = fileInputStream;
                            LOGGER.log(Level.INFO, "getAppKeyStore(" + this.keyStoreFile + ") - file does not exist");
                            FileBackend.close(fileInputStream2);
                            return keyStore;
                        } catch (Exception e2) {
                            e = e2;
                            LOGGER.log(Level.SEVERE, "getAppKeyStore(" + this.keyStoreFile + ")", (Throwable) e);
                            FileBackend.close(fileInputStream);
                            return keyStore;
                        }
                    } catch (Throwable th) {
                        th = th;
                        FileBackend.close(fileInputStream2);
                        throw th;
                    }
                } catch (FileNotFoundException unused2) {
                } catch (Exception e3) {
                    fileInputStream = null;
                    e = e3;
                }
                FileBackend.close(fileInputStream);
                return keyStore;
            } catch (Throwable th2) {
                th = th2;
                fileInputStream2 = fileInputStream;
            }
        } catch (KeyStoreException e4) {
            LOGGER.log(Level.SEVERE, "getAppKeyStore()", (Throwable) e4);
            return null;
        }
    }

    void storeCert(String str, Certificate certificate) {
        try {
            this.appKeyStore.setCertificateEntry(str, certificate);
            keyStoreUpdated();
        } catch (KeyStoreException e) {
            LOGGER.log(Level.SEVERE, "storeCert(" + certificate + ")", (Throwable) e);
        }
    }

    void storeCert(X509Certificate x509Certificate) {
        storeCert(x509Certificate.getSubjectDN().toString(), x509Certificate);
    }
}
