package net.codinux.log.kubernetes.web;

import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import kotlin.text.Charsets;
import net.codinux.log.statelogger.AppenderStateLogger;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: CertificateTrustManager.kt */
@Metadata(mv = {1, 9, 0}, k = 1, xi = 48, d1 = {"��:\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\bÆ\u0002\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0018\u0010\u0007\u001a\u00020\b2\b\u0010\t\u001a\u0004\u0018\u00010\n2\u0006\u0010\u000b\u001a\u00020\fJ\u0010\u0010\r\u001a\u00020\u00042\u0006\u0010\u000e\u001a\u00020\u000fH\u0002J\u0018\u0010\r\u001a\u00020\u00102\b\u0010\t\u001a\u0004\u0018\u00010\n2\u0006\u0010\u000b\u001a\u00020\fJ\u0010\u0010\u0011\u001a\u00020\u00042\u0006\u0010\u0012\u001a\u00020\u0013H\u0002R\u0011\u0010\u0003\u001a\u00020\u0004¢\u0006\b\n��\u001a\u0004\b\u0005\u0010\u0006¨\u0006\u0014"}, d2 = {"Lnet/codinux/log/kubernetes/web/CertificateTrustManager;", "", "()V", "TrustAllCertificatesTrustManager", "Ljavax/net/ssl/X509TrustManager;", "getTrustAllCertificatesTrustManager", "()Ljavax/net/ssl/X509TrustManager;", "createSslContextForCertificate", "Ljavax/net/ssl/SSLContext;", "certificateString", "", "stateLogger", "Lnet/codinux/log/statelogger/AppenderStateLogger;", "createTrustManagerForCertificate", "certificate", "Ljava/security/cert/Certificate;", "Ljavax/net/ssl/TrustManager;", "createTrustManagerForKeyStore", "keyStore", "Ljava/security/KeyStore;", "CodinuxKubernetesInfoRetriever"})
@SourceDebugExtension({"SMAP\nCertificateTrustManager.kt\nKotlin\n*S Kotlin\n*F\n+ 1 CertificateTrustManager.kt\nnet/codinux/log/kubernetes/web/CertificateTrustManager\n+ 2 _Arrays.kt\nkotlin/collections/ArraysKt___ArraysKt\n*L\n1#1,63:1\n4098#2,11:64\n*S KotlinDebug\n*F\n+ 1 CertificateTrustManager.kt\nnet/codinux/log/kubernetes/web/CertificateTrustManager\n*L\n60#1:64,11\n*E\n"})
/* loaded from: input_file:net/codinux/log/kubernetes/web/CertificateTrustManager.class */
public final class CertificateTrustManager {

    @NotNull
    public static final CertificateTrustManager INSTANCE = new CertificateTrustManager();

    @NotNull
    private static final X509TrustManager TrustAllCertificatesTrustManager = new X509TrustManager() { // from class: net.codinux.log.kubernetes.web.CertificateTrustManager$TrustAllCertificatesTrustManager$1
        @Override // javax.net.ssl.X509TrustManager
        @NotNull
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(@Nullable X509Certificate[] x509CertificateArr, @Nullable String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(@Nullable X509Certificate[] x509CertificateArr, @Nullable String str) {
        }
    };

    private CertificateTrustManager() {
    }

    @NotNull
    public final X509TrustManager getTrustAllCertificatesTrustManager() {
        return TrustAllCertificatesTrustManager;
    }

    @NotNull
    public final SSLContext createSslContextForCertificate(@Nullable String str, @NotNull AppenderStateLogger appenderStateLogger) {
        Intrinsics.checkNotNullParameter(appenderStateLogger, "stateLogger");
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{INSTANCE.createTrustManagerForCertificate(str, appenderStateLogger)}, null);
        Intrinsics.checkNotNullExpressionValue(sSLContext, "apply(...)");
        return sSLContext;
    }

    @NotNull
    public final TrustManager createTrustManagerForCertificate(@Nullable String str, @NotNull AppenderStateLogger appenderStateLogger) {
        Intrinsics.checkNotNullParameter(appenderStateLogger, "stateLogger");
        if (str != null) {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                byte[] bytes = str.getBytes(Charsets.UTF_8);
                Intrinsics.checkNotNullExpressionValue(bytes, "getBytes(...)");
                Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream(bytes));
                Intrinsics.checkNotNull(generateCertificate);
                return createTrustManagerForCertificate(generateCertificate);
            } catch (Throwable th) {
                appenderStateLogger.error("Could not add Kubernetes server certificate to KeyStore", th);
            }
        }
        return TrustAllCertificatesTrustManager;
    }

    private final X509TrustManager createTrustManagerForCertificate(Certificate certificate) {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        keyStore.setCertificateEntry("KubeServer", certificate);
        Intrinsics.checkNotNull(keyStore);
        return createTrustManagerForKeyStore(keyStore);
    }

    private final X509TrustManager createTrustManagerForKeyStore(KeyStore keyStore) {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        Intrinsics.checkNotNullExpressionValue(trustManagers, "getTrustManagers(...)");
        TrustManager[] trustManagerArr = trustManagers;
        ArrayList arrayList = new ArrayList();
        for (TrustManager trustManager : trustManagerArr) {
            if (trustManager instanceof X509TrustManager) {
                arrayList.add(trustManager);
            }
        }
        return (X509TrustManager) CollectionsKt.first(arrayList);
    }
}
