package de.lolhens.trustmanager;

import cats.NotNull$;
import cats.kernel.Semigroup;
import cats.kernel.Semigroup$;
import cats.syntax.EitherObjectOps$;
import cats.syntax.EitherSyntax$CatchOnlyPartiallyApplied$;
import cats.syntax.package$all$;
import de.lolhens.trustmanager.TrustManagers;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import scala.$less$colon$less$;
import scala.Array$;
import scala.MatchError;
import scala.Option;
import scala.Option$;
import scala.Predef$;
import scala.Tuple2;
import scala.collection.ArrayOps$;
import scala.collection.IterableOnceOps;
import scala.collection.Iterator;
import scala.collection.JavaConverters$;
import scala.collection.immutable.Nil$;
import scala.collection.immutable.Seq;
import scala.package$;
import scala.reflect.ClassTag$;
import scala.runtime.BoxedUnit;
import scala.runtime.BoxesRunTime;
import scala.runtime.LazyRef;
import scala.runtime.NonLocalReturnControl;
import scala.util.Either;

/* compiled from: TrustManagers.scala */
/* loaded from: input_file:de/lolhens/trustmanager/TrustManagers$.class */
public final class TrustManagers$ {
    private static X509TrustManager jreTrustManager;
    private static TrustManagers.ThreadSafeX509TrustManager defaultThreadSafeTrustManager;
    private static volatile byte bitmap$0;
    public static final TrustManagers$ MODULE$ = new TrustManagers$();
    private static final X509TrustManager insecureTrustManager = new X509TrustManager() { // from class: de.lolhens.trustmanager.TrustManagers$$anon$1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    };
    private static final Semigroup<X509TrustManager> trustManagerSemigroup = Semigroup$.MODULE$.instance((x509TrustManager, x509TrustManager2) -> {
        return new X509TrustManager(x509TrustManager, x509TrustManager2) { // from class: de.lolhens.trustmanager.TrustManagers$$anon$2
            private final X509TrustManager trustManager1$1;
            private final X509TrustManager trustManager2$1;

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                try {
                    this.trustManager1$1.checkClientTrusted(x509CertificateArr, str);
                } catch (CertificateException e) {
                    try {
                        this.trustManager2$1.checkClientTrusted(x509CertificateArr, str);
                    } catch (CertificateException e2) {
                        e2.addSuppressed(e);
                        throw e2;
                    }
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                try {
                    this.trustManager1$1.checkServerTrusted(x509CertificateArr, str);
                } catch (CertificateException e) {
                    try {
                        this.trustManager2$1.checkServerTrusted(x509CertificateArr, str);
                    } catch (CertificateException e2) {
                        e2.addSuppressed(e);
                        throw e2;
                    }
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return (X509Certificate[]) ArrayOps$.MODULE$.$plus$plus$extension(Predef$.MODULE$.refArrayOps(this.trustManager1$1.getAcceptedIssuers()), this.trustManager2$1.getAcceptedIssuers(), ClassTag$.MODULE$.apply(X509Certificate.class));
            }

            {
                this.trustManager1$1 = x509TrustManager;
                this.trustManager2$1 = x509TrustManager2;
            }
        };
    });
    private static final Logger logger = LoggerFactory.getLogger("de.lolhens.trustmanager.TrustManagers");

    public X509TrustManager insecureTrustManager() {
        return insecureTrustManager;
    }

    public Semigroup<X509TrustManager> trustManagerSemigroup() {
        return trustManagerSemigroup;
    }

    public X509TrustManager trustManagerFromKeyStore(KeyStore keyStore) {
        Object obj = new Object();
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            ArrayOps$.MODULE$.foreach$extension(Predef$.MODULE$.refArrayOps(trustManagerFactory.getTrustManagers()), trustManager -> {
                if (trustManager instanceof X509TrustManager) {
                    throw new NonLocalReturnControl(obj, (X509TrustManager) trustManager);
                }
                throw new MatchError(trustManager);
            });
            return null;
        } catch (NonLocalReturnControl e) {
            if (e.key() == obj) {
                return (X509TrustManager) e.value();
            }
            throw e;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0 */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v18, types: [byte] */
    private X509TrustManager jreTrustManager$lzycompute() {
        ?? r0 = this;
        synchronized (r0) {
            if (((byte) (bitmap$0 & 1)) == 0) {
                LazyRef lazyRef = new LazyRef();
                LazyRef lazyRef2 = new LazyRef();
                LazyRef lazyRef3 = new LazyRef();
                LazyRef lazyRef4 = new LazyRef();
                jreTrustManager = trustManagerFromKeyStore((KeyStore) trustStore$1(lazyRef3).map(str -> {
                    KeyStore keyStore = (KeyStore) trustStoreProvider$1(lazyRef2).fold(() -> {
                        return KeyStore.getInstance(trustStoreType$1(lazyRef));
                    }, str -> {
                        return KeyStore.getInstance(trustStoreType$1(lazyRef), str);
                    });
                    FileInputStream fileInputStream = new FileInputStream(str);
                    try {
                        keyStore.load(fileInputStream, (char[]) trustStorePassword$1(lazyRef4).orNull($less$colon$less$.MODULE$.refl()));
                        return keyStore;
                    } finally {
                        fileInputStream.close();
                    }
                }).orNull($less$colon$less$.MODULE$.refl()));
                r0 = (byte) (bitmap$0 | 1);
                bitmap$0 = r0;
            }
        }
        return jreTrustManager;
    }

    public X509TrustManager jreTrustManager() {
        return ((byte) (bitmap$0 & 1)) == 0 ? jreTrustManager$lzycompute() : jreTrustManager;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0 */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v10, types: [byte] */
    private TrustManagers.ThreadSafeX509TrustManager defaultThreadSafeTrustManager$lzycompute() {
        ?? r0 = this;
        synchronized (r0) {
            if (((byte) (bitmap$0 & 2)) == 0) {
                defaultThreadSafeTrustManager = new TrustManagers.ThreadSafeX509TrustManager(jreTrustManager());
                r0 = (byte) (bitmap$0 | 2);
                bitmap$0 = r0;
            }
        }
        return defaultThreadSafeTrustManager;
    }

    private TrustManagers.ThreadSafeX509TrustManager defaultThreadSafeTrustManager() {
        return ((byte) (bitmap$0 & 2)) == 0 ? defaultThreadSafeTrustManager$lzycompute() : defaultThreadSafeTrustManager;
    }

    public X509TrustManager defaultTrustManager() {
        return defaultThreadSafeTrustManager().atomicTrustManager().get();
    }

    public void setDefaultTrustManager(X509TrustManager x509TrustManager) {
        defaultThreadSafeTrustManager().set(x509TrustManager);
        SSLContext.setDefault(sslContext(defaultThreadSafeTrustManager()));
    }

    private SSLContext sslContext(X509TrustManager x509TrustManager) {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{x509TrustManager}, null);
        return sSLContext;
    }

    public KeyStore keyStoreFromCertificates(Seq<Certificate> seq) {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, (char[]) Array$.MODULE$.apply(Nil$.MODULE$, ClassTag$.MODULE$.Char()));
        ((IterableOnceOps) seq.zipWithIndex()).foreach(tuple2 -> {
            $anonfun$keyStoreFromCertificates$1(keyStore, tuple2);
            return BoxedUnit.UNIT;
        });
        return keyStore;
    }

    public Either<CertificateException, X509Certificate> x509CertificateFromBytes(byte[] bArr) {
        return EitherSyntax$CatchOnlyPartiallyApplied$.MODULE$.apply$extension(EitherObjectOps$.MODULE$.catchOnly$extension(package$all$.MODULE$.catsSyntaxEitherObject(package$.MODULE$.Either())), () -> {
            return (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(bArr));
        }, ClassTag$.MODULE$.apply(CertificateException.class), NotNull$.MODULE$.catsNotNullForA());
    }

    private Logger logger() {
        return logger;
    }

    public X509TrustManager trustManagerFromCertificatePath(Path path) {
        return trustManagerFromKeyStore(keyStoreFromCertificates(((Iterator) JavaConverters$.MODULE$.asScalaIteratorConverter(Files.list(path).iterator()).asScala()).filter(path2 -> {
            return BoxesRunTime.boxToBoolean($anonfun$trustManagerFromCertificatePath$1(path2));
        }).flatMap(path3 -> {
            Either flatMap = EitherSyntax$CatchOnlyPartiallyApplied$.MODULE$.apply$extension(EitherObjectOps$.MODULE$.catchOnly$extension(package$all$.MODULE$.catsSyntaxEitherObject(package$.MODULE$.Either())), () -> {
                return Files.readAllBytes(path3);
            }, ClassTag$.MODULE$.apply(IOException.class), NotNull$.MODULE$.catsNotNullForA()).flatMap(bArr -> {
                return MODULE$.x509CertificateFromBytes(bArr);
            });
            flatMap.fold(exc -> {
                $anonfun$trustManagerFromCertificatePath$5(path3, exc);
                return BoxedUnit.UNIT;
            }, x509Certificate -> {
                $anonfun$trustManagerFromCertificatePath$6(path3, x509Certificate);
                return BoxedUnit.UNIT;
            });
            return flatMap.toSeq();
        }).toSeq()));
    }

    private static final /* synthetic */ String trustStoreType$lzycompute$1(LazyRef lazyRef) {
        String str;
        synchronized (lazyRef) {
            str = lazyRef.initialized() ? (String) lazyRef.value() : (String) lazyRef.initialize(Option$.MODULE$.apply(System.getProperty("javax.net.ssl.trustStoreType")).getOrElse(() -> {
                return KeyStore.getDefaultType();
            }));
        }
        return str;
    }

    private static final String trustStoreType$1(LazyRef lazyRef) {
        return lazyRef.initialized() ? (String) lazyRef.value() : trustStoreType$lzycompute$1(lazyRef);
    }

    private static final /* synthetic */ Option trustStoreProvider$lzycompute$1(LazyRef lazyRef) {
        Option option;
        synchronized (lazyRef) {
            option = lazyRef.initialized() ? (Option) lazyRef.value() : (Option) lazyRef.initialize(Option$.MODULE$.apply(System.getProperty("javax.net.ssl.trustStoreProvider")));
        }
        return option;
    }

    private static final Option trustStoreProvider$1(LazyRef lazyRef) {
        return lazyRef.initialized() ? (Option) lazyRef.value() : trustStoreProvider$lzycompute$1(lazyRef);
    }

    public static final /* synthetic */ boolean $anonfun$jreTrustManager$2(String str) {
        return str != null ? str.equals("NONE") : "NONE" == 0;
    }

    private static final /* synthetic */ Option trustStore$lzycompute$1(LazyRef lazyRef) {
        Option option;
        synchronized (lazyRef) {
            option = lazyRef.initialized() ? (Option) lazyRef.value() : (Option) lazyRef.initialize(Option$.MODULE$.apply(System.getProperty("javax.net.ssl.trustStore")).filterNot(str -> {
                return BoxesRunTime.boxToBoolean($anonfun$jreTrustManager$2(str));
            }));
        }
        return option;
    }

    private static final Option trustStore$1(LazyRef lazyRef) {
        return lazyRef.initialized() ? (Option) lazyRef.value() : trustStore$lzycompute$1(lazyRef);
    }

    private static final /* synthetic */ Option trustStorePassword$lzycompute$1(LazyRef lazyRef) {
        Option option;
        synchronized (lazyRef) {
            option = lazyRef.initialized() ? (Option) lazyRef.value() : (Option) lazyRef.initialize(Option$.MODULE$.apply(System.getProperty("javax.net.ssl.trustStorePassword")).map(str -> {
                return str.toCharArray();
            }));
        }
        return option;
    }

    private static final Option trustStorePassword$1(LazyRef lazyRef) {
        return lazyRef.initialized() ? (Option) lazyRef.value() : trustStorePassword$lzycompute$1(lazyRef);
    }

    public static final /* synthetic */ void $anonfun$keyStoreFromCertificates$1(KeyStore keyStore, Tuple2 tuple2) {
        if (tuple2 == null) {
            throw new MatchError(tuple2);
        }
        keyStore.setCertificateEntry(Integer.toString(tuple2._2$mcI$sp()), (Certificate) tuple2._1());
        BoxedUnit boxedUnit = BoxedUnit.UNIT;
    }

    public static final /* synthetic */ boolean $anonfun$trustManagerFromCertificatePath$1(Path path) {
        return Files.isRegularFile(path, new LinkOption[0]);
    }

    public static final /* synthetic */ void $anonfun$trustManagerFromCertificatePath$5(Path path, Exception exc) {
        if (MODULE$.logger().isWarnEnabled()) {
            MODULE$.logger().warn(new StringBuilder(28).append("Failed to load certificate: ").append(path).toString(), exc);
        }
    }

    public static final /* synthetic */ void $anonfun$trustManagerFromCertificatePath$6(Path path, X509Certificate x509Certificate) {
        if (MODULE$.logger().isInfoEnabled()) {
            MODULE$.logger().info(new StringBuilder(20).append("Loaded certificate: ").append(path).toString());
        }
    }

    private TrustManagers$() {
    }
}
