package de.fhg.aisec.ids.idscp2.default_drivers.daps;

import de.fhg.aisec.ids.idscp2.default_drivers.daps.SecurityRequirements;
import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration;
import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver;
import de.fhg.aisec.ids.idscp2.idscp_core.error.DatException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.util.Date;
import java.util.HashMap;
import java.util.concurrent.TimeUnit;
import java.util.function.Function;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedTrustManager;
import kotlin.Metadata;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import okhttp3.FormBody;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
import okhttp3.ResponseBody;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.jose4j.http.Get;
import org.jose4j.http.SimpleGet;
import org.jose4j.jwa.AlgorithmConstraints;
import org.jose4j.jwk.HttpsJwks;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.NumericDate;
import org.jose4j.jwt.consumer.JwtConsumer;
import org.jose4j.jwt.consumer.JwtConsumerBuilder;
import org.jose4j.keys.resolvers.HttpsJwksVerificationKeyResolver;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* compiled from: DefaultDapsDriver.kt */
@Metadata(mv = {1, 4, 2}, bv = {1, 0, 3}, k = 1, d1 = {"��r\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n\u0002\u0010\u0005\n\u0002\u0010\u0019\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0012\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\b\n\u0002\b\u0003\n\u0002\u0010\u000b\n\u0002\b\u0003\n\u0002\u0010\u0002\n��\n\u0002\u0010\t\n��\n\u0002\u0010��\n\u0002\b\u0002\u0018�� (2\u00020\u0001:\u0001(B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u0010\u0010\u0019\u001a\u00020\f2\u0006\u0010\u001a\u001a\u00020\u001bH\u0002J\u0018\u0010\u001c\u001a\u00020\b2\u0006\u0010\u001d\u001a\u00020\u00142\u0006\u0010\u001e\u001a\u00020\u001fH\u0002J\u0010\u0010 \u001a\u00020\u00102\u0006\u0010!\u001a\u00020\bH\u0002J\u0010\u0010\"\u001a\u00020#2\b\u0010\u000f\u001a\u0004\u0018\u00010\u0010J\u0010\u0010$\u001a\u00020%2\u0006\u0010!\u001a\u00020\u0014H\u0016J\u0018\u0010&\u001a\u00020%2\u0006\u0010!\u001a\u00020\u00142\b\u0010\u000f\u001a\u0004\u0018\u00010'R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0007\u001a\u00020\bX\u0082\u0004¢\u0006\u0002\n��R\u001a\u0010\t\u001a\u000e\u0012\u0004\u0012\u00020\u000b\u0012\u0004\u0012\u00020\f0\nX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\r\u001a\u00020\u000eX\u0082\u0004¢\u0006\u0002\n��R\u0010\u0010\u000f\u001a\u0004\u0018\u00010\u0010X\u0082\u000e¢\u0006\u0002\n��R\u000e\u0010\u0011\u001a\u00020\u0012X\u0082\u000e¢\u0006\u0002\n��R\u0014\u0010\u0013\u001a\u00020\u00148VX\u0096\u0004¢\u0006\u0006\u001a\u0004\b\u0015\u0010\u0016R\u000e\u0010\u0017\u001a\u00020\u0018X\u0082\u0004¢\u0006\u0002\n��¨\u0006)"}, d2 = {"Lde/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver;", "Lde/fhg/aisec/ids/idscp2/idscp_core/drivers/DapsDriver;", "config", "Lde/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig;", "(Lde/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig;)V", "cert", "Ljava/security/cert/X509Certificate;", "dapsUrl", "", "hexLookup", "Ljava/util/HashMap;", "", "", "privateKey", "Ljava/security/Key;", "securityRequirements", "Lde/fhg/aisec/ids/idscp2/default_drivers/daps/SecurityRequirements;", "sslSocketFactory", "Ljavax/net/ssl/SSLSocketFactory;", "token", "", "getToken", "()[B", "trustManager", "Ljavax/net/ssl/X509ExtendedTrustManager;", "byteToHex", "num", "", "encodeHexString", "byteArray", "beautify", "", "parseSecurityRequirements", "dat", "updateSecurityRequirements", "", "verifyToken", "", "verifyTokenSecurityAttributes", "", "Companion", "idscp2"})
/* loaded from: input_file:de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.class */
public final class DefaultDapsDriver implements DapsDriver {
    private SSLSocketFactory sslSocketFactory;
    private SecurityRequirements securityRequirements;
    private final X509ExtendedTrustManager trustManager;
    private final Key privateKey;
    private final String dapsUrl;
    private final X509Certificate cert;
    private final HashMap<Byte, char[]> hexLookup;
    private static final String TARGET_AUDIENCE = "idsc:IDS_CONNECTORS_ALL";

    @NotNull
    public static final Companion Companion = new Companion(null);
    private static final Logger LOG = LoggerFactory.getLogger(DefaultDapsDriver.class);

    /* compiled from: DefaultDapsDriver.kt */
    @Metadata(mv = {1, 4, 2}, bv = {1, 0, 3}, k = 1, d1 = {"��\u001a\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n��\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002R\u0016\u0010\u0003\u001a\n \u0005*\u0004\u0018\u00010\u00040\u0004X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0006\u001a\u00020\u0007X\u0082T¢\u0006\u0002\n��¨\u0006\b"}, d2 = {"Lde/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver$Companion;", "", "()V", "LOG", "Lorg/slf4j/Logger;", "kotlin.jvm.PlatformType", "TARGET_AUDIENCE", "", "idscp2"})
    /* loaded from: input_file:de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver$Companion.class */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    @Override // de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
    @NotNull
    public byte[] getToken() {
        String string;
        LOG.info("Retrieving Dynamic Attribute Token from Daps ...");
        ASN1ObjectIdentifier aSN1ObjectIdentifier = Extension.authorityKeyIdentifier;
        Intrinsics.checkNotNullExpressionValue(aSN1ObjectIdentifier, "Extension.authorityKeyIdentifier");
        ASN1OctetString aSN1OctetString = ASN1OctetString.getInstance(this.cert.getExtensionValue(aSN1ObjectIdentifier.getId()));
        Intrinsics.checkNotNullExpressionValue(aSN1OctetString, "akiOc");
        AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(aSN1OctetString.getOctets());
        Intrinsics.checkNotNullExpressionValue(authorityKeyIdentifier, "aki");
        byte[] keyIdentifier = authorityKeyIdentifier.getKeyIdentifier();
        ASN1ObjectIdentifier aSN1ObjectIdentifier2 = Extension.subjectKeyIdentifier;
        Intrinsics.checkNotNullExpressionValue(aSN1ObjectIdentifier2, "Extension.subjectKeyIdentifier");
        ASN1OctetString aSN1OctetString2 = ASN1OctetString.getInstance(this.cert.getExtensionValue(aSN1ObjectIdentifier2.getId()));
        Intrinsics.checkNotNullExpressionValue(aSN1OctetString2, "ski0c");
        SubjectKeyIdentifier subjectKeyIdentifier = SubjectKeyIdentifier.getInstance(aSN1OctetString2.getOctets());
        Intrinsics.checkNotNullExpressionValue(subjectKeyIdentifier, "ski");
        byte[] keyIdentifier2 = subjectKeyIdentifier.getKeyIdentifier();
        Intrinsics.checkNotNullExpressionValue(keyIdentifier, "authorityKeyIdentifier");
        String encodeHexString = encodeHexString(keyIdentifier, true);
        if (encodeHexString == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        String upperCase = encodeHexString.toUpperCase();
        Intrinsics.checkNotNullExpressionValue(upperCase, "(this as java.lang.String).toUpperCase()");
        Intrinsics.checkNotNullExpressionValue(keyIdentifier2, "subjectKeyIdentifier");
        String encodeHexString2 = encodeHexString(keyIdentifier2, true);
        if (encodeHexString2 == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        String upperCase2 = encodeHexString2.toUpperCase();
        Intrinsics.checkNotNullExpressionValue(upperCase2, "(this as java.lang.String).toUpperCase()");
        Logger logger = LOG;
        Intrinsics.checkNotNullExpressionValue(logger, "LOG");
        if (logger.isDebugEnabled()) {
            LOG.debug("AKI: " + upperCase);
            LOG.debug("SKI: " + upperCase2);
        }
        StringBuilder append = new StringBuilder().append(upperCase2).append("keyid:");
        int length = upperCase.length() - 1;
        if (upperCase == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        String substring = upperCase.substring(0, length);
        Intrinsics.checkNotNullExpressionValue(substring, "(this as java.lang.Strin…ing(startIndex, endIndex)");
        String sb = append.append(substring).toString();
        Logger logger2 = LOG;
        Intrinsics.checkNotNullExpressionValue(logger2, "LOG");
        if (logger2.isDebugEnabled()) {
            LOG.debug("ConnectorUUID: " + sb);
            LOG.debug("Retrieving Dynamic Attribute Token...");
        }
        Date from = Date.from(Instant.now().plusSeconds(86400L));
        Date from2 = Date.from(Instant.now());
        Date from3 = Date.from(Instant.now());
        String compact = Jwts.builder().setIssuer(sb).setSubject(sb).claim("@context", "https://w3id.org/idsa/contexts/context.jsonld").claim("@type", "ids:DatRequestToken").setExpiration(from).setIssuedAt(from2).setNotBefore(from3).setAudience(TARGET_AUDIENCE).signWith(this.privateKey, SignatureAlgorithm.RS256).compact();
        FormBody.Builder add = new FormBody.Builder((Charset) null, 1, (DefaultConstructorMarker) null).add("grant_type", "client_credentials").add("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
        Intrinsics.checkNotNullExpressionValue(compact, "jwt");
        try {
            Response execute = new OkHttpClient.Builder().sslSocketFactory(this.sslSocketFactory, this.trustManager).connectTimeout(15L, TimeUnit.SECONDS).writeTimeout(15L, TimeUnit.SECONDS).readTimeout(15L, TimeUnit.SECONDS).build().newCall(new Request.Builder().url(this.dapsUrl + "/v2/token").post(add.add("client_assertion", compact).add("scope", "idsc:IDS_CONNECTOR_ATTRIBUTES_ALL").build()).build()).execute();
            if (!execute.isSuccessful()) {
                LOG.error("Failed to request token issued with parameters: Issuer: {}, Subject: {}, Expiration: {}, IssuedAt: {}, NotBefore: {}, Audience: {}", new Object[]{sb, sb, from, from2, from3, TARGET_AUDIENCE});
                throw new DatException("Received non-200 http response: " + execute.code());
            }
            Logger logger3 = LOG;
            Intrinsics.checkNotNullExpressionValue(logger3, "LOG");
            if (logger3.isDebugEnabled()) {
                LOG.debug("Acquired DAT from {}/v2/token", this.dapsUrl);
            }
            ResponseBody body = execute.body();
            if (body == null || (string = body.string()) == null) {
                throw new DatException("Received empty DAPS response");
            }
            JSONObject jSONObject = new JSONObject(string);
            if (!jSONObject.has("access_token")) {
                if (jSONObject.has("error")) {
                    throw new DatException("DAPS reported error: " + jSONObject.getString("error"));
                }
                throw new DatException("DAPS response does not contain \"access_token\" or \"error\" field.");
            }
            String string2 = jSONObject.getString("access_token");
            Intrinsics.checkNotNullExpressionValue(string2, "json.getString(\"access_token\")");
            Logger logger4 = LOG;
            Intrinsics.checkNotNullExpressionValue(logger4, "LOG");
            if (logger4.isDebugEnabled()) {
                LOG.debug("Received DAT from DAPS: {}", string2);
            }
            Charset charset = StandardCharsets.UTF_8;
            Intrinsics.checkNotNullExpressionValue(charset, "StandardCharsets.UTF_8");
            if (string2 == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes = string2.getBytes(charset);
            Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
            verifyTokenSecurityAttributes(bytes, null);
            Charset charset2 = StandardCharsets.UTF_8;
            Intrinsics.checkNotNullExpressionValue(charset2, "StandardCharsets.UTF_8");
            if (string2 == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes2 = string2.getBytes(charset2);
            Intrinsics.checkNotNullExpressionValue(bytes2, "(this as java.lang.String).getBytes(charset)");
            return bytes2;
        } catch (IOException e) {
            throw new DatException("Error whilst retrieving DAT", e);
        }
    }

    public final void updateSecurityRequirements(@Nullable SecurityRequirements securityRequirements) {
        this.securityRequirements = securityRequirements;
    }

    @Override // de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
    public long verifyToken(@NotNull byte[] bArr) {
        Intrinsics.checkNotNullParameter(bArr, "dat");
        return verifyTokenSecurityAttributes(bArr, this.securityRequirements);
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:24:0x01a9. Please report as an issue. */
    public final long verifyTokenSecurityAttributes(@NotNull byte[] bArr, @Nullable Object obj) {
        Intrinsics.checkNotNullParameter(bArr, "dat");
        Logger logger = LOG;
        Intrinsics.checkNotNullExpressionValue(logger, "LOG");
        if (logger.isDebugEnabled()) {
            LOG.debug("Verifying dynamic attribute token...");
        }
        HttpsJwks httpsJwks = new HttpsJwks(this.dapsUrl + "/.well-known/jwks.json");
        SimpleGet get = new Get();
        get.setSslSocketFactory(this.sslSocketFactory);
        httpsJwks.setSimpleHttpGet(get);
        JwtConsumer build = new JwtConsumerBuilder().setRequireExpirationTime().setAllowedClockSkewInSeconds(30).setRequireSubject().setExpectedAudience(true, new String[]{"IDS_Connector", TARGET_AUDIENCE}).setExpectedIssuer(this.dapsUrl).setVerificationKeyResolver(new HttpsJwksVerificationKeyResolver(httpsJwks)).setJweAlgorithmConstraints(new AlgorithmConstraints(AlgorithmConstraints.ConstraintType.PERMIT, new String[]{"RS256"})).build();
        try {
            Charset charset = StandardCharsets.UTF_8;
            Intrinsics.checkNotNullExpressionValue(charset, "StandardCharsets.UTF_8");
            JwtClaims processToClaims = build.processToClaims(new String(bArr, charset));
            Intrinsics.checkNotNullExpressionValue(processToClaims, "jwtConsumer.processToCla… StandardCharsets.UTF_8))");
            NumericDate expirationTime = processToClaims.getExpirationTime();
            Intrinsics.checkNotNullExpressionValue(expirationTime, "expTime");
            long value = expirationTime.getValue();
            NumericDate now = NumericDate.now();
            Intrinsics.checkNotNullExpressionValue(now, "NumericDate.now()");
            long value2 = value - now.getValue();
            if (obj != null) {
                Logger logger2 = LOG;
                Intrinsics.checkNotNullExpressionValue(logger2, "LOG");
                if (logger2.isDebugEnabled()) {
                    LOG.debug("Validate security attributes");
                }
                if (!(obj instanceof SecurityRequirements)) {
                    throw new DatException("Invalid security requirements format. Expected " + SecurityRequirements.class.getName());
                }
                String json = processToClaims.toJson();
                Intrinsics.checkNotNullExpressionValue(json, "claims.toJson()");
                String requiredSecurityLevel = parseSecurityRequirements(json).getRequiredSecurityLevel();
                if (requiredSecurityLevel == null) {
                    throw new DatException("No security profile provided");
                }
                String requiredSecurityLevel2 = ((SecurityRequirements) obj).getRequiredSecurityLevel();
                if (requiredSecurityLevel2 != null) {
                    switch (requiredSecurityLevel2.hashCode()) {
                        case 87630579:
                            if (requiredSecurityLevel2.equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")) {
                                if ((!Intrinsics.areEqual(requiredSecurityLevel, "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")) && (!Intrinsics.areEqual(requiredSecurityLevel, "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE"))) {
                                    throw new DatException("Client does not support any valid trust profile: Required: " + ((SecurityRequirements) obj).getRequiredSecurityLevel() + " given: " + requiredSecurityLevel);
                                }
                            }
                            break;
                        case 1980850630:
                            if (requiredSecurityLevel2.equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
                                if (!Intrinsics.areEqual(requiredSecurityLevel, "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
                                    throw new DatException("Client does not support any valid trust profile: Required: " + ((SecurityRequirements) obj).getRequiredSecurityLevel() + " given: " + requiredSecurityLevel);
                                }
                            }
                            break;
                        case 2083802299:
                            if (requiredSecurityLevel2.equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE")) {
                                if ((!Intrinsics.areEqual(requiredSecurityLevel, "idsc:BASE_CONNECTOR_SECURITY_PROFILE")) && (!Intrinsics.areEqual(requiredSecurityLevel, "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")) && (!Intrinsics.areEqual(requiredSecurityLevel, "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE"))) {
                                    throw new DatException("Client does not support any valid trust profile: Required: " + ((SecurityRequirements) obj).getRequiredSecurityLevel() + " given: " + requiredSecurityLevel);
                                }
                            }
                            break;
                    }
                }
                throw new DatException("Client does not support any valid trust profile: Required: " + ((SecurityRequirements) obj).getRequiredSecurityLevel() + " given: " + requiredSecurityLevel);
            }
            LOG.debug("DAT is valid");
            return value2;
        } catch (Exception e) {
            throw new DatException("Error during claims processing", e);
        }
    }

    private final SecurityRequirements parseSecurityRequirements(String str) {
        JSONObject jSONObject = new JSONObject(str);
        if (jSONObject.has("securityProfile")) {
            return new SecurityRequirements.Builder().setRequiredSecurityLevel(jSONObject.getString("securityProfile")).build();
        }
        throw new DatException("DAT does not contain securityProfile");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final char[] byteToHex(int i) {
        return new char[]{Character.forDigit((i >> 4) & 15, 16), Character.forDigit(i & 15, 16)};
    }

    private final String encodeHexString(byte[] bArr, boolean z) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            sb.append(this.hexLookup.computeIfAbsent(Byte.valueOf(b), new Function<Byte, char[]>() { // from class: de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver$encodeHexString$1
                @Override // java.util.function.Function
                public /* bridge */ /* synthetic */ char[] apply(Byte b2) {
                    return apply(b2.byteValue());
                }

                @NotNull
                public final char[] apply(byte b2) {
                    char[] byteToHex;
                    byteToHex = DefaultDapsDriver.this.byteToHex(b2);
                    return byteToHex;
                }
            }));
            if (z) {
                sb.append(':');
            }
        }
        String sb2 = sb.toString();
        Intrinsics.checkNotNullExpressionValue(sb2, "sb.toString()");
        return sb2;
    }

    public DefaultDapsDriver(@NotNull DefaultDapsDriverConfig defaultDapsDriverConfig) {
        Intrinsics.checkNotNullParameter(defaultDapsDriverConfig, "config");
        this.securityRequirements = defaultDapsDriverConfig.getSecurityRequirements();
        this.privateKey = PreConfiguration.INSTANCE.getKey(defaultDapsDriverConfig.getKeyStorePath(), defaultDapsDriverConfig.getKeyStorePassword(), defaultDapsDriverConfig.getKeyAlias(), defaultDapsDriverConfig.getKeyPassword());
        this.dapsUrl = defaultDapsDriverConfig.getDapsUrl();
        this.cert = PreConfiguration.INSTANCE.getCertificate(defaultDapsDriverConfig.getKeyStorePath(), defaultDapsDriverConfig.getKeyStorePassword(), defaultDapsDriverConfig.getKeyAlias());
        TrustManager[] x509ExtTrustManager = PreConfiguration.INSTANCE.getX509ExtTrustManager(defaultDapsDriverConfig.getTrustStorePath(), defaultDapsDriverConfig.getTrustStorePassword());
        TrustManager trustManager = x509ExtTrustManager[0];
        if (trustManager == null) {
            throw new NullPointerException("null cannot be cast to non-null type javax.net.ssl.X509ExtendedTrustManager");
        }
        this.trustManager = (X509ExtendedTrustManager) trustManager;
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, x509ExtTrustManager, null);
            Intrinsics.checkNotNullExpressionValue(sSLContext, "sslContext");
            SSLSocketFactory socketFactory = sSLContext.getSocketFactory();
            Intrinsics.checkNotNullExpressionValue(socketFactory, "sslContext.socketFactory");
            this.sslSocketFactory = socketFactory;
            this.hexLookup = new HashMap<>();
        } catch (KeyManagementException e) {
            LOG.error("Cannot init DefaultDapsDriver: {}", e.toString());
            throw new RuntimeException(e);
        } catch (NoSuchAlgorithmException e2) {
            LOG.error("Cannot init DefaultDapsDriver: {}", e2.toString());
            throw new RuntimeException(e2);
        }
    }
}
