package nl.altindag.ssl.util;

import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedTrustManager;
import javax.net.ssl.X509TrustManager;
import nl.altindag.ssl.exception.GenericTrustManagerException;
import nl.altindag.ssl.trustmanager.CertificateCapturingX509ExtendedTrustManager;
import nl.altindag.ssl.trustmanager.ChainAndAuthTypeValidator;
import nl.altindag.ssl.trustmanager.ChainAndAuthTypeWithSSLEngineValidator;
import nl.altindag.ssl.trustmanager.ChainAndAuthTypeWithSocketValidator;
import nl.altindag.ssl.trustmanager.CompositeX509ExtendedTrustManager;
import nl.altindag.ssl.trustmanager.DummyX509ExtendedTrustManager;
import nl.altindag.ssl.trustmanager.EnhanceableX509ExtendedTrustManager;
import nl.altindag.ssl.trustmanager.HotSwappableX509ExtendedTrustManager;
import nl.altindag.ssl.trustmanager.TrustManagerFactoryWrapper;
import nl.altindag.ssl.trustmanager.UnsafeX509ExtendedTrustManager;
import nl.altindag.ssl.trustmanager.X509TrustManagerWrapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:nl/altindag/ssl/util/TrustManagerUtils.class */
public final class TrustManagerUtils {

    /* loaded from: input_file:nl/altindag/ssl/util/TrustManagerUtils$TrustManagerBuilder.class */
    public static final class TrustManagerBuilder {
        private static final Logger LOGGER = LoggerFactory.getLogger(TrustManagerBuilder.class);
        private static final String EMPTY_TRUST_MANAGER_EXCEPTION = "Input does not contain TrustManager";
        private static final String NO_TRUSTED_CERTIFICATES_EXCEPTION = "The provided trust material does not contain any trusted certificate.";
        private final List<X509ExtendedTrustManager> trustManagers;
        private boolean swappableTrustManagerEnabled;
        private ChainAndAuthTypeValidator chainAndAuthTypeValidator;
        private ChainAndAuthTypeWithSocketValidator chainAndAuthTypeWithSocketValidator;
        private ChainAndAuthTypeWithSSLEngineValidator chainAndAuthTypeWithSSLEngineValidator;

        private TrustManagerBuilder() {
            this.trustManagers = new ArrayList();
            this.swappableTrustManagerEnabled = false;
        }

        public <T extends X509TrustManager> TrustManagerBuilder withTrustManagers(T... tArr) {
            for (T t : tArr) {
                withTrustManager(t);
            }
            return this;
        }

        public <T extends X509TrustManager> TrustManagerBuilder withTrustManagers(List<T> list) {
            Iterator<T> it = list.iterator();
            while (it.hasNext()) {
                withTrustManager(it.next());
            }
            return this;
        }

        public <T extends X509TrustManager> TrustManagerBuilder withTrustManager(T t) {
            this.trustManagers.add(TrustManagerUtils.wrapIfNeeded(t));
            return this;
        }

        public <T extends KeyStore> TrustManagerBuilder withTrustStores(T... tArr) {
            return withTrustStores(Arrays.asList(tArr));
        }

        public TrustManagerBuilder withTrustStores(List<? extends KeyStore> list) {
            Iterator<? extends KeyStore> it = list.iterator();
            while (it.hasNext()) {
                this.trustManagers.add(TrustManagerUtils.createTrustManager(it.next()));
            }
            return this;
        }

        public <T extends KeyStore> TrustManagerBuilder withTrustStore(T t) {
            this.trustManagers.add(TrustManagerUtils.createTrustManager(t));
            return this;
        }

        public <T extends KeyStore> TrustManagerBuilder withTrustStore(T t, String str) {
            this.trustManagers.add(TrustManagerUtils.createTrustManager(t, str));
            return this;
        }

        public TrustManagerBuilder withSwappableTrustManager(boolean z) {
            this.swappableTrustManagerEnabled = z;
            return this;
        }

        public TrustManagerBuilder withTrustEnhancer(ChainAndAuthTypeValidator chainAndAuthTypeValidator) {
            this.chainAndAuthTypeValidator = chainAndAuthTypeValidator;
            return this;
        }

        public TrustManagerBuilder withTrustEnhancer(ChainAndAuthTypeWithSocketValidator chainAndAuthTypeWithSocketValidator) {
            this.chainAndAuthTypeWithSocketValidator = chainAndAuthTypeWithSocketValidator;
            return this;
        }

        public TrustManagerBuilder withTrustEnhancer(ChainAndAuthTypeWithSSLEngineValidator chainAndAuthTypeWithSSLEngineValidator) {
            this.chainAndAuthTypeWithSSLEngineValidator = chainAndAuthTypeWithSSLEngineValidator;
            return this;
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r0v35, types: [javax.net.ssl.X509ExtendedTrustManager] */
        /* JADX WARN: Type inference failed for: r0v39, types: [javax.net.ssl.X509ExtendedTrustManager] */
        /* JADX WARN: Type inference failed for: r0v47, types: [javax.net.ssl.X509ExtendedTrustManager] */
        /* JADX WARN: Type inference failed for: r0v53, types: [javax.net.ssl.X509ExtendedTrustManager] */
        /* JADX WARN: Type inference failed for: r0v59, types: [javax.net.ssl.X509ExtendedTrustManager] */
        /* JADX WARN: Type inference failed for: r0v65, types: [javax.net.ssl.X509ExtendedTrustManager] */
        public X509ExtendedTrustManager build() {
            CompositeX509ExtendedTrustManager compositeX509ExtendedTrustManager;
            ValidationUtils.requireNotEmpty(this.trustManagers, (Supplier<RuntimeException>) () -> {
                return new GenericTrustManagerException(EMPTY_TRUST_MANAGER_EXCEPTION);
            });
            Stream<X509ExtendedTrustManager> stream = this.trustManagers.stream();
            Class<UnsafeX509ExtendedTrustManager> cls = UnsafeX509ExtendedTrustManager.class;
            UnsafeX509ExtendedTrustManager.class.getClass();
            Optional<X509ExtendedTrustManager> findAny = stream.filter((v1) -> {
                return r1.isInstance(v1);
            }).findAny();
            Stream<X509ExtendedTrustManager> stream2 = this.trustManagers.stream();
            Class<DummyX509ExtendedTrustManager> cls2 = DummyX509ExtendedTrustManager.class;
            DummyX509ExtendedTrustManager.class.getClass();
            Optional<X509ExtendedTrustManager> findAny2 = stream2.filter((v1) -> {
                return r1.isInstance(v1);
            }).findAny();
            if (findAny.isPresent()) {
                if (this.trustManagers.size() > 1) {
                    LOGGER.debug("Unsafe TrustManager is being used therefore other trust managers will not be included for constructing the base trust manager");
                }
                compositeX509ExtendedTrustManager = findAny.get();
            } else if (findAny2.isPresent()) {
                if (this.trustManagers.size() > 1) {
                    LOGGER.debug("Dummy TrustManager is being used therefore other trust managers will not be included for constructing the base trust manager");
                }
                compositeX509ExtendedTrustManager = findAny2.get();
            } else {
                if (this.trustManagers.size() == 1) {
                    compositeX509ExtendedTrustManager = this.trustManagers.get(0);
                } else {
                    List list = (List) this.trustManagers.stream().map(x509ExtendedTrustManager -> {
                        return TrustManagerUtils.unwrapIfPossible(x509ExtendedTrustManager);
                    }).flatMap((v0) -> {
                        return v0.stream();
                    }).filter(x509ExtendedTrustManager2 -> {
                        return x509ExtendedTrustManager2.getAcceptedIssuers().length > 0;
                    }).collect(Collectors.toList());
                    ValidationUtils.requireNotEmpty(list, NO_TRUSTED_CERTIFICATES_EXCEPTION);
                    compositeX509ExtendedTrustManager = list.size() == 1 ? (X509ExtendedTrustManager) list.get(0) : new CompositeX509ExtendedTrustManager(list);
                }
                if (this.chainAndAuthTypeValidator != null || this.chainAndAuthTypeWithSocketValidator != null || this.chainAndAuthTypeWithSSLEngineValidator != null) {
                    compositeX509ExtendedTrustManager = TrustManagerUtils.createEnhanceableTrustManager(compositeX509ExtendedTrustManager, this.chainAndAuthTypeValidator, this.chainAndAuthTypeWithSocketValidator, this.chainAndAuthTypeWithSSLEngineValidator);
                }
            }
            if (this.swappableTrustManagerEnabled) {
                compositeX509ExtendedTrustManager = TrustManagerUtils.createSwappableTrustManager(compositeX509ExtendedTrustManager);
            }
            return compositeX509ExtendedTrustManager;
        }
    }

    private TrustManagerUtils() {
    }

    public static X509ExtendedTrustManager combine(X509TrustManager... x509TrustManagerArr) {
        return combine((List<? extends X509TrustManager>) Arrays.asList(x509TrustManagerArr));
    }

    public static X509ExtendedTrustManager combine(List<? extends X509TrustManager> list) {
        return trustManagerBuilder().withTrustManagers(list).build();
    }

    public static <T extends X509TrustManager> X509ExtendedTrustManager[] toArray(T t) {
        return new X509ExtendedTrustManager[]{wrapIfNeeded(t)};
    }

    public static X509ExtendedTrustManager createTrustManagerWithJdkTrustedCertificates() {
        return createTrustManager((KeyStore) null);
    }

    public static Optional<X509ExtendedTrustManager> createTrustManagerWithSystemTrustedCertificates() {
        List<KeyStore> loadSystemKeyStores = KeyStoreUtils.loadSystemKeyStores();
        return loadSystemKeyStores.isEmpty() ? Optional.empty() : Optional.of(createTrustManager((KeyStore[]) loadSystemKeyStores.toArray(new KeyStore[0])));
    }

    public static X509ExtendedTrustManager createTrustManager(KeyStore... keyStoreArr) {
        return (X509ExtendedTrustManager) Arrays.stream(keyStoreArr).map(TrustManagerUtils::createTrustManager).collect(Collectors.collectingAndThen(Collectors.toList(), TrustManagerUtils::combine));
    }

    public static X509ExtendedTrustManager createTrustManager(KeyStore keyStore) {
        return createTrustManager(keyStore, TrustManagerFactory.getDefaultAlgorithm());
    }

    public static X509ExtendedTrustManager createTrustManager(KeyStore keyStore, String str) {
        try {
            return createTrustManager(keyStore, TrustManagerFactory.getInstance(str));
        } catch (NoSuchAlgorithmException e) {
            throw new GenericTrustManagerException(e);
        }
    }

    public static X509ExtendedTrustManager createTrustManager(KeyStore keyStore, String str, String str2) {
        try {
            return createTrustManager(keyStore, TrustManagerFactory.getInstance(str, str2));
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new GenericTrustManagerException(e);
        }
    }

    public static X509ExtendedTrustManager createTrustManager(KeyStore keyStore, String str, Provider provider) {
        try {
            return createTrustManager(keyStore, TrustManagerFactory.getInstance(str, provider));
        } catch (NoSuchAlgorithmException e) {
            throw new GenericTrustManagerException(e);
        }
    }

    public static X509ExtendedTrustManager createTrustManager(KeyStore keyStore, TrustManagerFactory trustManagerFactory) {
        try {
            trustManagerFactory.init(keyStore);
            return getTrustManager(trustManagerFactory);
        } catch (KeyStoreException e) {
            throw new GenericTrustManagerException(e);
        }
    }

    public static X509ExtendedTrustManager createTrustManager(ManagerFactoryParameters... managerFactoryParametersArr) {
        return (X509ExtendedTrustManager) Arrays.stream(managerFactoryParametersArr).map(TrustManagerUtils::createTrustManager).collect(Collectors.collectingAndThen(Collectors.toList(), TrustManagerUtils::combine));
    }

    public static X509ExtendedTrustManager createTrustManager(ManagerFactoryParameters managerFactoryParameters) {
        return createTrustManager(managerFactoryParameters, TrustManagerFactory.getDefaultAlgorithm());
    }

    public static X509ExtendedTrustManager createTrustManager(ManagerFactoryParameters managerFactoryParameters, String str) {
        try {
            return createTrustManager(managerFactoryParameters, TrustManagerFactory.getInstance(str));
        } catch (NoSuchAlgorithmException e) {
            throw new GenericTrustManagerException(e);
        }
    }

    public static X509ExtendedTrustManager createTrustManager(ManagerFactoryParameters managerFactoryParameters, String str, String str2) {
        try {
            return createTrustManager(managerFactoryParameters, TrustManagerFactory.getInstance(str, str2));
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new GenericTrustManagerException(e);
        }
    }

    public static X509ExtendedTrustManager createTrustManager(ManagerFactoryParameters managerFactoryParameters, String str, Provider provider) {
        try {
            return createTrustManager(managerFactoryParameters, TrustManagerFactory.getInstance(str, provider));
        } catch (NoSuchAlgorithmException e) {
            throw new GenericTrustManagerException(e);
        }
    }

    public static X509ExtendedTrustManager createTrustManager(ManagerFactoryParameters managerFactoryParameters, TrustManagerFactory trustManagerFactory) {
        try {
            trustManagerFactory.init(managerFactoryParameters);
            return getTrustManager(trustManagerFactory);
        } catch (InvalidAlgorithmParameterException e) {
            throw new GenericTrustManagerException(e);
        }
    }

    public static X509ExtendedTrustManager createUnsafeTrustManager() {
        return UnsafeX509ExtendedTrustManager.getInstance();
    }

    public static X509ExtendedTrustManager createDummyTrustManager() {
        return DummyX509ExtendedTrustManager.getInstance();
    }

    public static X509ExtendedTrustManager createCertificateCapturingTrustManager(List<X509Certificate> list) {
        return createCertificateCapturingTrustManager(createUnsafeTrustManager(), list);
    }

    public static X509ExtendedTrustManager createCertificateCapturingTrustManager(X509TrustManager x509TrustManager, List<X509Certificate> list) {
        return new CertificateCapturingX509ExtendedTrustManager(wrapIfNeeded(x509TrustManager), list);
    }

    public static X509ExtendedTrustManager wrapIfNeeded(X509TrustManager x509TrustManager) {
        return x509TrustManager instanceof X509ExtendedTrustManager ? (X509ExtendedTrustManager) x509TrustManager : new X509TrustManagerWrapper(x509TrustManager);
    }

    public static TrustManagerFactory createTrustManagerFactory(TrustManager trustManager) {
        return new TrustManagerFactoryWrapper(trustManager);
    }

    public static <T extends TrustManagerFactory> X509ExtendedTrustManager getTrustManager(T t) {
        Stream stream = Arrays.stream(t.getTrustManagers());
        Class<X509TrustManager> cls = X509TrustManager.class;
        X509TrustManager.class.getClass();
        Stream filter = stream.filter((v1) -> {
            return r1.isInstance(v1);
        });
        Class<X509TrustManager> cls2 = X509TrustManager.class;
        X509TrustManager.class.getClass();
        return (X509ExtendedTrustManager) filter.map((v1) -> {
            return r1.cast(v1);
        }).map(TrustManagerUtils::wrapIfNeeded).collect(Collectors.collectingAndThen(Collectors.toList(), TrustManagerUtils::combine));
    }

    public static X509ExtendedTrustManager createSwappableTrustManager(X509TrustManager x509TrustManager) {
        return new HotSwappableX509ExtendedTrustManager(wrapIfNeeded(x509TrustManager));
    }

    public static void swapTrustManager(X509TrustManager x509TrustManager, X509TrustManager x509TrustManager2) {
        if (x509TrustManager2 instanceof HotSwappableX509ExtendedTrustManager) {
            throw new GenericTrustManagerException(String.format("The newTrustManager should not be an instance of [%s]", HotSwappableX509ExtendedTrustManager.class.getName()));
        }
        if (!(x509TrustManager instanceof HotSwappableX509ExtendedTrustManager)) {
            throw new GenericTrustManagerException(String.format("The baseTrustManager is from the instance of [%s] and should be an instance of [%s].", x509TrustManager.getClass().getName(), HotSwappableX509ExtendedTrustManager.class.getName()));
        }
        ((HotSwappableX509ExtendedTrustManager) x509TrustManager).setTrustManager(wrapIfNeeded(x509TrustManager2));
    }

    public static X509ExtendedTrustManager createEnhanceableTrustManager(X509ExtendedTrustManager x509ExtendedTrustManager, ChainAndAuthTypeValidator chainAndAuthTypeValidator, ChainAndAuthTypeWithSocketValidator chainAndAuthTypeWithSocketValidator, ChainAndAuthTypeWithSSLEngineValidator chainAndAuthTypeWithSSLEngineValidator) {
        return new EnhanceableX509ExtendedTrustManager(x509ExtendedTrustManager, chainAndAuthTypeValidator, chainAndAuthTypeWithSocketValidator, chainAndAuthTypeWithSSLEngineValidator);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static List<X509ExtendedTrustManager> unwrapIfPossible(X509ExtendedTrustManager x509ExtendedTrustManager) {
        if (!(x509ExtendedTrustManager instanceof CompositeX509ExtendedTrustManager)) {
            return Collections.singletonList(x509ExtendedTrustManager);
        }
        ArrayList arrayList = new ArrayList();
        Iterator<X509ExtendedTrustManager> it = ((CompositeX509ExtendedTrustManager) x509ExtendedTrustManager).getTrustManagers().iterator();
        while (it.hasNext()) {
            arrayList.addAll(unwrapIfPossible(it.next()));
        }
        return arrayList;
    }

    public static TrustManagerBuilder trustManagerBuilder() {
        return new TrustManagerBuilder();
    }
}
