package io.bdeploy.common.security;

import io.bdeploy.shadow.google.common.collect.ImmutableList;
import io.bdeploy.shadow.google.common.collect.Iterables;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.stream.Stream;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:io/bdeploy/common/security/CompositeX509TrustManager.class */
public class CompositeX509TrustManager implements X509TrustManager {
    private final List<X509TrustManager> trustManagers;

    public CompositeX509TrustManager(KeyStore keyStore) {
        this.trustManagers = List.of(getDefaultTrustManager(), getTrustManager(keyStore));
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        Iterator<X509TrustManager> it = this.trustManagers.iterator();
        while (it.hasNext()) {
            try {
                it.next().checkClientTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e) {
            }
        }
        throw new CertificateException("None of the TrustManagers trust this certificate chain");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        Iterator<X509TrustManager> it = this.trustManagers.iterator();
        while (it.hasNext()) {
            try {
                it.next().checkServerTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e) {
            }
        }
        throw new CertificateException("None of the TrustManagers trust this certificate chain");
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        ImmutableList.Builder builder = ImmutableList.builder();
        Iterator<X509TrustManager> it = this.trustManagers.iterator();
        while (it.hasNext()) {
            for (X509Certificate x509Certificate : it.next().getAcceptedIssuers()) {
                builder.add((ImmutableList.Builder) x509Certificate);
            }
        }
        return (X509Certificate[]) Iterables.toArray(builder.build(), X509Certificate.class);
    }

    public static TrustManager[] getTrustManagers(KeyStore keyStore) {
        return new TrustManager[]{new CompositeX509TrustManager(keyStore)};
    }

    private static X509TrustManager getDefaultTrustManager() {
        return getTrustManager(null);
    }

    private static X509TrustManager getTrustManager(KeyStore keyStore) {
        return getTrustManager(TrustManagerFactory.getDefaultAlgorithm(), keyStore);
    }

    private static X509TrustManager getTrustManager(String str, KeyStore keyStore) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(str);
            trustManagerFactory.init(keyStore);
            Stream stream = Arrays.stream(trustManagerFactory.getTrustManagers());
            Class<X509TrustManager> cls = X509TrustManager.class;
            Objects.requireNonNull(X509TrustManager.class);
            Stream filter = stream.filter((v1) -> {
                return r1.isInstance(v1);
            });
            Class<X509TrustManager> cls2 = X509TrustManager.class;
            Objects.requireNonNull(X509TrustManager.class);
            return (X509TrustManager) filter.map((v1) -> {
                return r1.cast(v1);
            }).findFirst().orElseThrow(() -> {
                return new IllegalStateException("Cannot find X509 trust manager");
            });
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            throw new IllegalStateException("Cannot create trust manager", e);
        }
    }
}
