package com.hugport.dpc.core.feature.cacert.platform;

import com.android.org.conscrypt.TrustedCertificateStore;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.lang.reflect.Method;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import kotlin.TypeCastException;
import kotlin.Unit;
import kotlin.io.CloseableKt;
import kotlin.jvm.internal.Intrinsics;
import net.xpece.android.shell.RootUtils;

/* compiled from: RootUserCaCertInstaller.kt */
/* loaded from: classes.dex */
public final class RootUserCaCertInstaller {
    public static final RootUserCaCertInstaller INSTANCE = new RootUserCaCertInstaller();
    private static final File addedDir;
    private static final File deletedDir;
    private static final Method methodGetCertificateFile;
    private static final File systemDir;
    private static final File userDir;

    static {
        StringBuilder sb = new StringBuilder();
        String str = System.getenv("ANDROID_ROOT");
        if (str == null) {
            Intrinsics.throwNpe();
        }
        sb.append(str);
        sb.append("/etc/security/cacerts");
        systemDir = new File(sb.toString());
        StringBuilder sb2 = new StringBuilder();
        String str2 = System.getenv("ANDROID_DATA");
        if (str2 == null) {
            Intrinsics.throwNpe();
        }
        sb2.append(str2);
        sb2.append("/misc/keychain");
        userDir = new File(sb2.toString());
        addedDir = new File(userDir, "cacerts-added");
        deletedDir = new File(userDir, "cacerts-removed");
        Method declaredMethod = TrustedCertificateStore.class.getDeclaredMethod("getCertificateFile", File.class, X509Certificate.class);
        declaredMethod.setAccessible(true);
        methodGetCertificateFile = declaredMethod;
    }

    private RootUserCaCertInstaller() {
    }

    private final File getCertificateFile(TrustedCertificateStore trustedCertificateStore, File file, X509Certificate x509Certificate) {
        Object invoke = methodGetCertificateFile.invoke(trustedCertificateStore, file, x509Certificate);
        if (invoke != null) {
            return (File) invoke;
        }
        throw new TypeCastException("null cannot be cast to non-null type java.io.File");
    }

    private final void writeCertificate(File file, X509Certificate x509Certificate) throws IOException, CertificateException {
        File temp = File.createTempFile("cacert", null);
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(temp);
            Throwable th = (Throwable) null;
            try {
                fileOutputStream.write(x509Certificate.getEncoded());
                Unit unit = Unit.INSTANCE;
                CloseableKt.closeFinally(fileOutputStream, th);
                File dir = file.getParentFile();
                Intrinsics.checkExpressionValueIsNotNull(dir, "dir");
                String canonicalPath = dir.getCanonicalPath();
                String canonicalPath2 = file.getCanonicalPath();
                Intrinsics.checkExpressionValueIsNotNull(temp, "temp");
                int exec = RootUtils.INSTANCE.exec(new String[]{"set -e", "mkdir -p " + canonicalPath, "chmod 644 " + canonicalPath, "chown system:system " + canonicalPath, "cp " + temp.getCanonicalPath() + ' ' + canonicalPath2, "chmod 644 " + canonicalPath2, "chown system:system " + canonicalPath2}, (String[]) null, (File) null);
                if (exec == 0) {
                    return;
                }
                throw new IOException("Couldn't write cert. code=" + exec);
            } catch (Throwable th2) {
                CloseableKt.closeFinally(fileOutputStream, th);
                throw th2;
            }
        } finally {
            temp.delete();
        }
    }

    public final void installCertificate(TrustedCertificateStore store, X509Certificate cert) throws IOException, CertificateException {
        Intrinsics.checkParameterIsNotNull(store, "store");
        Intrinsics.checkParameterIsNotNull(cert, "cert");
        if (!RootUtils.INSTANCE.isRootAvailable()) {
            throw new IllegalStateException("Only root can do this.".toString());
        }
        if (!getCertificateFile(store, systemDir, cert).exists()) {
            File certificateFile = getCertificateFile(store, addedDir, cert);
            if (certificateFile.exists()) {
                return;
            }
            writeCertificate(certificateFile, cert);
            return;
        }
        File certificateFile2 = getCertificateFile(store, deletedDir, cert);
        if (certificateFile2.exists()) {
            if (RootUtils.INSTANCE.exec("rm " + certificateFile2.getCanonicalPath(), (String[]) null, (File) null) == 0) {
                return;
            }
            throw new IOException("Could not remove " + certificateFile2);
        }
    }
}
