package gridscale.http;

import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import scala.Function0;
import scala.Function1;
import scala.MatchError;
import scala.Tuple2;
import scala.collection.immutable.Vector;
import scala.reflect.ClassTag$;
import scala.runtime.BoxedUnit;
import scala.runtime.BoxesRunTime;
import squants.time.Time;

/* compiled from: package.scala */
/* loaded from: input_file:gridscale/http/package$HTTPS$KeyStoreOperations$.class */
public class package$HTTPS$KeyStoreOperations$ {
    public static final package$HTTPS$KeyStoreOperations$ MODULE$ = new package$HTTPS$KeyStoreOperations$();

    public KeyStore createKeyStore(Vector<package$HTTPS$KeyStoreOperations$Storable> vector, String str) {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, str.toCharArray());
        ((Vector) vector.zipWithIndex()).foreach(tuple2 -> {
            $anonfun$createKeyStore$1(keyStore, tuple2);
            return BoxedUnit.UNIT;
        });
        return keyStore;
    }

    public void store(KeyStore keyStore, String str, package$HTTPS$KeyStoreOperations$Storable package_https_keystoreoperations_storable) {
        if (package_https_keystoreoperations_storable instanceof package$HTTPS$KeyStoreOperations$Credential) {
            package$HTTPS$KeyStoreOperations$Credential package_https_keystoreoperations_credential = (package$HTTPS$KeyStoreOperations$Credential) package_https_keystoreoperations_storable;
            keyStore.setEntry(str, new KeyStore.PrivateKeyEntry(package_https_keystoreoperations_credential.privateKey(), (Certificate[]) package_https_keystoreoperations_credential.certificateChain().toArray(ClassTag$.MODULE$.apply(Certificate.class))), new KeyStore.PasswordProtection(package_https_keystoreoperations_credential.password().toCharArray()));
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
        } else {
            if (!(package_https_keystoreoperations_storable instanceof package$HTTPS$KeyStoreOperations$Certificate)) {
                throw new MatchError(package_https_keystoreoperations_storable);
            }
            keyStore.setCertificateEntry(str, ((package$HTTPS$KeyStoreOperations$Certificate) package_https_keystoreoperations_storable).certificate());
            BoxedUnit boxedUnit2 = BoxedUnit.UNIT;
        }
    }

    public SSLContext createSSLContext(KeyStore keyStore, String str) {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        final X509TrustManager trustManager = package$HTTPS$.MODULE$.trustManager(keyStore);
        final X509TrustManager x509TrustManager = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
        return createSSLContext(keyStore, new X509TrustManager(trustManager, x509TrustManager) { // from class: gridscale.http.package$HTTPS$KeyStoreOperations$TrustManagerDelegate$1
            private final X509TrustManager mainTrustManager;
            private final X509TrustManager fallbackTrustManager;

            public X509TrustManager mainTrustManager() {
                return this.mainTrustManager;
            }

            public X509TrustManager fallbackTrustManager() {
                return this.fallbackTrustManager;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) {
                try {
                    mainTrustManager().checkClientTrusted(x509CertificateArr, str2);
                } catch (CertificateException e) {
                    fallbackTrustManager().checkClientTrusted(x509CertificateArr, str2);
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) {
                try {
                    mainTrustManager().checkServerTrusted(x509CertificateArr, str2);
                } catch (CertificateException e) {
                    fallbackTrustManager().checkServerTrusted(x509CertificateArr, str2);
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return fallbackTrustManager().getAcceptedIssuers();
            }

            {
                this.mainTrustManager = trustManager;
                this.fallbackTrustManager = x509TrustManager;
            }
        }, str);
    }

    public SSLContext createSSLContext(KeyStore keyStore, TrustManager trustManager, String str) {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, str.toCharArray());
        sSLContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{trustManager}, new SecureRandom());
        return sSLContext;
    }

    public Function1<Time, SSLConnectionSocketFactory> socketFactory(Function0<SSLContext> function0, boolean z) {
        HostnameVerifier defaultHostnameVerifier = z ? SSLConnectionSocketFactory.getDefaultHostnameVerifier() : new HostnameVerifier() { // from class: gridscale.http.package$HTTPS$KeyStoreOperations$$anon$2
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        };
        return time -> {
            return new SSLConnectionSocketFactory(function0, defaultHostnameVerifier, time) { // from class: gridscale.http.package$HTTPS$KeyStoreOperations$$anon$3
                private final Time timeout$2;

                public void prepareSocket(SSLSocket sSLSocket) {
                    super.prepareSocket(sSLSocket);
                    sSLSocket.setSoTimeout((int) this.timeout$2.millis());
                }

                /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                {
                    super((SSLContext) function0.apply(), defaultHostnameVerifier);
                    this.timeout$2 = time;
                }
            };
        };
    }

    public static final /* synthetic */ void $anonfun$createKeyStore$1(KeyStore keyStore, Tuple2 tuple2) {
        if (tuple2 == null) {
            throw new MatchError(tuple2);
        }
        MODULE$.store(keyStore, BoxesRunTime.boxToInteger(tuple2._2$mcI$sp()).toString(), (package$HTTPS$KeyStoreOperations$Storable) tuple2._1());
        BoxedUnit boxedUnit = BoxedUnit.UNIT;
    }
}
