package de.lolhens.trustmanager;

import cats.NotNull$;
import cats.kernel.Semigroup;
import cats.kernel.Semigroup$;
import cats.syntax.EitherObjectOps$;
import cats.syntax.EitherSyntax$CatchOnlyPartiallyApplied$;
import cats.syntax.package$all$;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.Serializable;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import scala.MatchError;
import scala.Predef$;
import scala.collection.ArrayOps$;
import scala.collection.IterableOnceOps;
import scala.collection.Iterator;
import scala.collection.JavaConverters$;
import scala.collection.immutable.Seq;
import scala.package$;
import scala.reflect.ClassTag$;
import scala.runtime.BoxesRunTime;
import scala.runtime.ModuleSerializationProxy;
import scala.runtime.NonLocalReturnControl;
import scala.util.Either;

/* compiled from: TrustManagers.scala */
/* loaded from: input_file:de/lolhens/trustmanager/TrustManagers$.class */
public final class TrustManagers$ implements Serializable {
    private static final Semigroup trustManagerSemigroup;
    private static final Logger logger;
    public static final TrustManagers$ MODULE$ = new TrustManagers$();
    private static final X509TrustManager insecureTrustManager = new X509TrustManager() { // from class: de.lolhens.trustmanager.TrustManagers$$anon$1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return (X509Certificate[]) null;
        }
    };

    private TrustManagers$() {
    }

    static {
        Semigroup$ semigroup$ = Semigroup$.MODULE$;
        TrustManagers$ trustManagers$ = MODULE$;
        trustManagerSemigroup = semigroup$.instance((x509TrustManager, x509TrustManager2) -> {
            return new X509TrustManager(x509TrustManager, x509TrustManager2) { // from class: de.lolhens.trustmanager.TrustManagers$$anon$2
                private final X509TrustManager trustManager1$1;
                private final X509TrustManager trustManager2$1;

                {
                    this.trustManager1$1 = x509TrustManager;
                    this.trustManager2$1 = x509TrustManager2;
                }

                /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                    try {
                        this.trustManager1$1.checkClientTrusted(x509CertificateArr, str);
                    } catch (CertificateException e) {
                        try {
                            this.trustManager2$1.checkClientTrusted(x509CertificateArr, str);
                        } catch (CertificateException e2) {
                            e2.addSuppressed(e);
                            throw e2;
                        }
                    }
                }

                /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                    try {
                        this.trustManager1$1.checkServerTrusted(x509CertificateArr, str);
                    } catch (CertificateException e) {
                        try {
                            this.trustManager2$1.checkServerTrusted(x509CertificateArr, str);
                        } catch (CertificateException e2) {
                            e2.addSuppressed(e);
                            throw e2;
                        }
                    }
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return (X509Certificate[]) ArrayOps$.MODULE$.$plus$plus$extension(Predef$.MODULE$.refArrayOps(this.trustManager1$1.getAcceptedIssuers()), this.trustManager2$1.getAcceptedIssuers(), ClassTag$.MODULE$.apply(X509Certificate.class));
                }
            };
        });
        logger = LoggerFactory.getLogger("de.lolhens.trustmanager.TrustManagers");
    }

    private Object writeReplace() {
        return new ModuleSerializationProxy(TrustManagers$.class);
    }

    public X509TrustManager insecureTrustManager() {
        return insecureTrustManager;
    }

    public Semigroup<X509TrustManager> trustManagerSemigroup() {
        return trustManagerSemigroup;
    }

    public X509TrustManager trustManagerFromKeyStore(KeyStore keyStore) {
        Object obj = new Object();
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            ArrayOps$.MODULE$.foreach$extension(Predef$.MODULE$.refArrayOps(trustManagerFactory.getTrustManagers()), trustManager -> {
                if (trustManager instanceof X509TrustManager) {
                    throw new NonLocalReturnControl(obj, (X509TrustManager) trustManager);
                }
                throw new MatchError(trustManager);
            });
            return null;
        } catch (NonLocalReturnControl e) {
            if (e.key() == obj) {
                return (X509TrustManager) e.value();
            }
            throw e;
        }
    }

    public X509TrustManager defaultTrustManager() {
        return trustManagerFromKeyStore(null);
    }

    public void setDefaultTrustManager(TrustManager trustManager) {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init((KeyManager[]) null, new TrustManager[]{trustManager}, null);
        SSLContext.setDefault(sSLContext);
    }

    public KeyStore keyStoreFromCertificates(Seq<Certificate> seq) {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, new char[0]);
        ((IterableOnceOps) seq.zipWithIndex()).foreach(tuple2 -> {
            if (tuple2 == null) {
                throw new MatchError(tuple2);
            }
            keyStore.setCertificateEntry(BoxesRunTime.boxToInteger(BoxesRunTime.unboxToInt(tuple2._2())).toString(), (Certificate) tuple2._1());
        });
        return keyStore;
    }

    public Either<CertificateException, X509Certificate> x509CertificateFromBytes(byte[] bArr) {
        return EitherSyntax$CatchOnlyPartiallyApplied$.MODULE$.apply$extension(EitherObjectOps$.MODULE$.catchOnly$extension(package$all$.MODULE$.catsSyntaxEitherObject(package$.MODULE$.Either())), () -> {
            return r2.x509CertificateFromBytes$$anonfun$1(r3);
        }, ClassTag$.MODULE$.apply(CertificateException.class), NotNull$.MODULE$.catsNotNullForA());
    }

    public X509TrustManager trustManagerFromCertificatePath(Path path) {
        return trustManagerFromKeyStore(keyStoreFromCertificates(((Iterator) JavaConverters$.MODULE$.asScalaIteratorConverter(Files.list(path).iterator()).asScala()).filter(path2 -> {
            return Files.isRegularFile(path2, new LinkOption[0]);
        }).flatMap(path3 -> {
            Either flatMap = EitherSyntax$CatchOnlyPartiallyApplied$.MODULE$.apply$extension(EitherObjectOps$.MODULE$.catchOnly$extension(package$all$.MODULE$.catsSyntaxEitherObject(package$.MODULE$.Either())), () -> {
                return r2.$anonfun$1(r3);
            }, ClassTag$.MODULE$.apply(IOException.class), NotNull$.MODULE$.catsNotNullForA()).flatMap(bArr -> {
                return x509CertificateFromBytes(bArr).map(x509Certificate -> {
                    return x509Certificate;
                });
            });
            flatMap.fold(exc -> {
                Logger logger2 = logger;
                if (logger2.isWarnEnabled()) {
                    logger2.warn(new StringBuilder(28).append("Failed to load certificate: ").append(path3).toString(), exc);
                }
            }, x509Certificate -> {
                Logger logger2 = logger;
                if (logger2.isInfoEnabled()) {
                    logger2.info(new StringBuilder(20).append("Loaded certificate: ").append(path3).toString());
                }
            });
            return flatMap.toSeq();
        }).toSeq()));
    }

    private final X509Certificate x509CertificateFromBytes$$anonfun$1(byte[] bArr) {
        return (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(bArr));
    }

    private final byte[] $anonfun$1(Path path) {
        return Files.readAllBytes(path);
    }
}
