package org.bzdev.net;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.Iterator;
import java.util.function.Predicate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:libbzdev-base.jar:org/bzdev/net/SSLUtilities.class */
public class SSLUtilities {
    private static HostnameVerifier defaultHNV = HttpsURLConnection.getDefaultHostnameVerifier();

    public static void installTrustManager(String str, File file, char[] cArr, final Predicate<X509Certificate> predicate) throws IOException, GeneralSecurityException, CertificateException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        X509TrustManager x509TrustManager = null;
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        int length = trustManagers.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            TrustManager trustManager = trustManagers[i];
            if (trustManager instanceof X509TrustManager) {
                x509TrustManager = (X509TrustManager) trustManager;
                break;
            }
            i++;
        }
        final X509TrustManager x509TrustManager2 = x509TrustManager;
        X509TrustManager x509TrustManager3 = null;
        if (file != null) {
            FileInputStream fileInputStream = new FileInputStream(file);
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(fileInputStream, cArr);
            TrustManagerFactory trustManagerFactory2 = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory2.init(keyStore);
            TrustManager[] trustManagers2 = trustManagerFactory2.getTrustManagers();
            int length2 = trustManagers2.length;
            int i2 = 0;
            while (true) {
                if (i2 >= length2) {
                    break;
                }
                TrustManager trustManager2 = trustManagers2[i2];
                if (trustManager2 instanceof X509TrustManager) {
                    x509TrustManager3 = (X509TrustManager) trustManager2;
                    break;
                }
                i2++;
            }
        }
        final X509TrustManager x509TrustManager4 = x509TrustManager3;
        X509TrustManager x509TrustManager5 = new X509TrustManager() { // from class: org.bzdev.net.SSLUtilities.1
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                X509Certificate[] acceptedIssuers = x509TrustManager2.getAcceptedIssuers();
                X509Certificate[] acceptedIssuers2 = x509TrustManager4 != null ? x509TrustManager4.getAcceptedIssuers() : null;
                HashSet hashSet = new HashSet();
                for (X509Certificate x509Certificate : acceptedIssuers) {
                    hashSet.add(x509Certificate);
                }
                if (acceptedIssuers2 != null) {
                    for (X509Certificate x509Certificate2 : acceptedIssuers2) {
                        hashSet.add(x509Certificate2);
                    }
                }
                X509Certificate[] x509CertificateArr = new X509Certificate[hashSet.size()];
                int i3 = 0;
                Iterator it = hashSet.iterator();
                while (it.hasNext()) {
                    int i4 = i3;
                    i3++;
                    x509CertificateArr[i4] = (X509Certificate) it.next();
                }
                return x509CertificateArr;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                try {
                    x509TrustManager2.checkServerTrusted(x509CertificateArr, str2);
                } catch (CertificateException e) {
                    try {
                        if (x509TrustManager4 == null) {
                            throw e;
                        }
                        x509TrustManager4.checkServerTrusted(x509CertificateArr, str2);
                    } catch (CertificateException e2) {
                        if (predicate == null) {
                            throw e2;
                        }
                        if (x509CertificateArr.length > 0) {
                            throw e2;
                        }
                        X509Certificate x509Certificate = x509CertificateArr[0];
                        x509Certificate.checkValidity();
                        try {
                            x509Certificate.verify(x509Certificate.getPublicKey());
                            if (!predicate.test(x509Certificate)) {
                                throw e2;
                            }
                        } catch (GeneralSecurityException e3) {
                            throw new CertificateException(e2.getMessage(), e3);
                        }
                    }
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                try {
                    x509TrustManager2.checkClientTrusted(x509CertificateArr, str2);
                } catch (CertificateException e) {
                    if (x509TrustManager4 == null) {
                        throw e;
                    }
                    x509TrustManager4.checkClientTrusted(x509CertificateArr, str2);
                }
            }
        };
        SSLContext sSLContext = SSLContext.getInstance(str);
        sSLContext.init(null, new TrustManager[]{x509TrustManager5}, null);
        SSLContext.setDefault(sSLContext);
    }

    public static void allowLoopbackHostname() {
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { // from class: org.bzdev.net.SSLUtilities.2
            String loopback = InetAddress.getLoopbackAddress().getHostName();

            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                boolean verify = SSLUtilities.defaultHNV.verify(str, sSLSession);
                if (verify || !str.equals(this.loopback)) {
                    return verify;
                }
                return true;
            }
        });
    }

    public static void disallowLoopbackHostname() {
        HttpsURLConnection.setDefaultHostnameVerifier(defaultHNV);
    }
}
