package com.google.cloud.alloydb;

import com.google.cloud.alloydb.connectors.v1.MetadataExchangeResponse;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.atomic.AtomicInteger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:com/google/cloud/alloydb/FakeSslServer.class */
class FakeSslServer {
    private static final String TLS_1_3 = "TLSv1.3";
    private static final String X_509 = "X.509";
    private static final String ROOT_CA_CERT = "rootCaCert";
    private static final int IO_TIMEOUT_MS = 30000;
    private String message;
    private Thread thread;

    /* JADX INFO: Access modifiers changed from: package-private */
    public FakeSslServer(String str) {
        this.message = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int start(String str) throws InterruptedException {
        CountDownLatch countDownLatch = new CountDownLatch(1);
        AtomicInteger atomicInteger = new AtomicInteger();
        this.thread = new Thread(() -> {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance(X_509);
                PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decodeBase64StripWhitespace("MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDB9U/OCzEXHR39\nrFVZBZ899TgBSqqWTaurUPrbtCwa6qDfRZZJjHm1hyN2MFT84m35t4lvPl6OGe5z\nnCij9GftIJEbGgCNNbQJbsnaVWlU7ZpwdVUHaktJ19NYLKhsgirAeLOTBz20UE/0\nhZmj18KSBA8xojSb9TyRX0AWtCcSsjLzvFjib8ccvZ1tAMkPb8gJaOMewc3Trx+3\nowrkDkqageT/LiislziYVhuEf8P21ggVfXlZ275jtvaGJ/fgq7I+isDHcFeGnWaV\nq1iaGz1bhxsCmhZXMrhBSD0H2vaGq30eugOGGEkK/eVgHSQGz7LxKzAfYIjab/O2\ng+Pr6ewHAgMBAAECggEAVlLH4fw5LQBYiL5affRymzC4bFq+8YZAEU9JVt8pghFK\n6BQgfzt2L8Slk8SPDr34FFwLXudzTetcpTerHs14M6F684TvGen85vXYAMRizNmz\nErolzdcRCxxzg5rcmu6T+HW/9oAShl34N+v+JV2xyyrjWEPJBmBvRIQQEgq8GSVP\nE1ls0ngRsu0JRgA5+tYGpQfm4khYqAW3/VjLUigiPiVzr7c9X4VTGlT2tEWSYxY/\nddOkCbRMkMjr/fmFwbd+zvkwnSBZc+8GkitfL1P2udkOlN+JrdLV45fcmvlGmmKY\nBs0fIpKNrlYoIj7EssKqbUrs108GTmfNaQLbj3LFgQKBgQD2IKbXlETdj3F1NlkL\nomitPjat8+y0iW21kpc0rx1EO+BlNlRhbq1c2zgI+Rqc5MhmZKqGE3rI6hdLVpLi\nMAS43u8zybusSC2DSpBm+IQoEhYjLlvpPKRbC0DuZMDYHFIXfOqH28XW5D2zodsm\nqf95fv4BU5VOYTLREwcJ/qKwewKBgQDJvPZUH6SgbtXzPttq5cuw0GebK0KtTDxb\n70FndBqNi+vo63DDiAkmlv2f39MwiyqthWeTqrYkwTGZ/j5ocZ/OxF1YRnBc/Oxa\n7Ww9XkwulUY0OzFo8vxtTcfVAG9YPVTh1AnZVVkvKNLQfk1xn5eoGoCl/+3Lau6I\nTR9JRBPK5QKBgQCsD4FzXaSS2u9vCHJRjtTsn3xsOQS15Qj8ESGBZBXqmI0zVDrC\n7jNloZ7XrwUqv0lVQ3RuTHnesL9eHISMeRMkBj1kj9eSBddDXEH8qikBNjuhlowM\nTid7ui9HOMoTiiDdaKcwGLSCmIaF6FWi/t6pGd0KIltTMuHqhQm7s/YZtwKBgQCB\nV1ePQ+JmwekGVYyUEtTvfg6PG8NaHICuaM1EKNpFWipcYWcg1f0X8sKVWAmtG+y2\n58sqj87L7dmBY9JbYE4XYSp/yFmOJNLc0VAOYIDzdN1X64OYSAGziqTOWcMJjfj3\n+Nx/rQrLA5918SRx7uJq8uL8iwPI4bwhQ2EFtlICSQKBgElS6Vuf5wmsY46CoS8v\nC4sj0rH2vvd+0SJQ3BLqZ7nYKFWnK51YmN3Ov9SQwtabjV+Ld4oa6y2c+Op0L40M\nkbYhuV4j4anTysFdKpiD6hEnYFkOM2eE7dUK9w7qagZNOBKbLpqZFXnBCTOVmaj+\nzzzMeuzI2oqt8Eo5FiHWVNah")));
                X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream("-----BEGIN CERTIFICATE-----\nMIIDczCCAlugAwIBAgIUVBeC053gIZyEgtGVPhSNSQPnGvYwDQYJKoZIhvcNAQEL\nBQAwSTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlVTMRQwEgYDVQQKDAtHb29nbGUs\nIEluYzEXMBUGA1UEAwwOR29vZ2xlIEFsbG95REIwHhcNMjQwMjAyMDA0NTM0WhcN\nMzQwMTMwMDA0NTM0WjBJMQswCQYDVQQGEwJVUzELMAkGA1UECAwCVVMxFDASBgNV\nBAoMC0dvb2dsZSwgSW5jMRcwFQYDVQQDDA5Hb29nbGUgQWxsb3lEQjCCASIwDQYJ\nKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ0XZ3feiWSF3KB9WwFxbMimxLwLb52f\nRXJZCoKxTypOmIXhKq9AgCdCa+QOXJNMwmOhKbAR8ZpgWTHs07Sd5i1iBt2uahf4\naVYMDT+qA+JR3qObeVNbjqlP1cluagjGICd1j4b9+W0B9vEThb8rVhE1pYuCdavA\nFbHWfsubEVqFtf9+za9E4nC3zEvO2k42i+/2E7OF4CmRohu/86vUGHFCCq1WXRP0\n2JT9LGfhsnYSh2X71L2K+Nc/o3l2ovw2iUWaxyZwKBQHfMYhL/LsuyL9+8sHIRfM\n5cNxZtTK0XMVVil/3T9FfixK7TBs2k0jcOrb+UPGRNrlcAqXN/pi88cCAwEAAaNT\nMFEwHQYDVR0OBBYEFOPZckHWcDjT4yjxhbXrvDI6U3e4MB8GA1UdIwQYMBaAFOPZ\nckHWcDjT4yjxhbXrvDI6U3e4MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL\nBQADggEBADxe5BWMzM6bMff3Wf5FXPQkXvbtNFuQxA5zdH5r7UZY0Pj6phpZPjyo\nIAtb02NqANFt7lZ/YwjD9KmfuNvvC4ENKapqZ9PDy3Pon4NkiZNBwGpa/G/QE9d0\nb7imRH01fad/CT9X321oU52ybvEhKYu6VAFHpYPoMj5yEe8ib34XGChWWT/CvcTC\n7p6Kha4d0ueqjeCBlMbr+GJgRPgfjc5tzPtzom9XVjDLGkSwYSCDo9TYuVghYqccLl9Pt3ZnDnteA1W7AOiRKHdyyKZYy5UMVCaOA1Evqa6fA/c0QWIXRHQTwfXNFA59R1BmNA/ePVsq6bzDThRc5qrr2hA41qg=-----END CERTIFICATE-----".getBytes(StandardCharsets.UTF_8)));
                KeyManager[] initializeKeyManager = initializeKeyManager(new Certificate[]{certificateFactory.generateCertificate(new ByteArrayInputStream("-----BEGIN CERTIFICATE-----\nMIIDGTCCAgECFE19gRBeLBNwPsrbQA/HMRQLXrbuMA0GCSqGSIb3DQEBCwUAMEkx\nCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJVUzEUMBIGA1UECgwLR29vZ2xlLCBJbmMx\nFzAVBgNVBAMMDkdvb2dsZSBBbGxveURCMB4XDTI0MDIwMjAwNTAxMFoXDTM0MDEz\nMDAwNTAxMFowSTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlVTMRQwEgYDVQQKDAtH\nb29nbGUsIEluYzEXMBUGA1UEAwwOR29vZ2xlIEFsbG95REIwggEiMA0GCSqGSIb3\nDQEBAQUAA4IBDwAwggEKAoIBAQDB9U/OCzEXHR39rFVZBZ899TgBSqqWTaurUPrb\ntCwa6qDfRZZJjHm1hyN2MFT84m35t4lvPl6OGe5znCij9GftIJEbGgCNNbQJbsna\nVWlU7ZpwdVUHaktJ19NYLKhsgirAeLOTBz20UE/0hZmj18KSBA8xojSb9TyRX0AW\ntCcSsjLzvFjib8ccvZ1tAMkPb8gJaOMewc3Trx+3owrkDkqageT/LiislziYVhuE\nf8P21ggVfXlZ275jtvaGJ/fgq7I+isDHcFeGnWaVq1iaGz1bhxsCmhZXMrhBSD0H\n2vaGq30eugOGGEkK/eVgHSQGz7LxKzAfYIjab/O2g+Pr6ewHAgMBAAEwDQYJKoZI\nhvcNAQELBQADggEBAJfjDyDs42FrCGyiHGtbKynG1CcFh+be7LelYj26hf691veB\nSfBNFXdw5iM23Y4jRC7lWgQWVTbTd/GrFQsE+3oquYGVIWAKYILyQsF/qMm9Bl9j\njftXSGZ3wbl8fph6uACjmaiaUEOVr3RTRM+RG5VxYdkHpoLxS3Xj4DrNAsjinZOF\nVvefeqZ7CBpuxa8dFe3LTUugm52BhDxDnW1HrvCZ8WUYtqyUu2xM/vONeL/IILJ0\nrjQ2Gj6x5TMjjFlSnR4woLnnosre8+bV9A8HyOTe439CKGEVHrKKNn9J6gWj5APk\nzqy7ZpLK1u+M9+O9GaHdsJ90GiMAFnUJ4ncu4jI=-----END CERTIFICATE-----".getBytes(StandardCharsets.UTF_8)))}, generatePrivate);
                TrustManager[] initializeTrustManager = initializeTrustManager(x509Certificate);
                SSLContext sSLContext = SSLContext.getInstance(TLS_1_3);
                sSLContext.init(initializeKeyManager, initializeTrustManager, new SecureRandom());
                SSLServerSocket sSLServerSocket = (SSLServerSocket) sSLContext.getServerSocketFactory().createServerSocket(5433, 5, InetAddress.getByName(str));
                sSLServerSocket.setNeedClientAuth(true);
                atomicInteger.set(sSLServerSocket.getLocalPort());
                countDownLatch.countDown();
                MetadataExchangeResponse build = MetadataExchangeResponse.newBuilder().setResponseCode(MetadataExchangeResponse.ResponseCode.OK).build();
                while (true) {
                    SSLSocket sSLSocket = (SSLSocket) sSLServerSocket.accept();
                    sSLSocket.startHandshake();
                    sSLSocket.setSoTimeout(IO_TIMEOUT_MS);
                    DataInputStream dataInputStream = new DataInputStream(new BufferedInputStream(sSLSocket.getInputStream()));
                    dataInputStream.readFully(new byte[dataInputStream.readInt()]);
                    DataOutputStream dataOutputStream = new DataOutputStream(new BufferedOutputStream(sSLSocket.getOutputStream()));
                    dataOutputStream.writeInt(build.getSerializedSize());
                    dataOutputStream.write(build.toByteArray());
                    dataOutputStream.flush();
                    dataOutputStream.write(this.message.getBytes(StandardCharsets.UTF_8));
                    dataOutputStream.flush();
                    sSLSocket.close();
                }
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        });
        this.thread.start();
        countDownLatch.await();
        return atomicInteger.get();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void stop() {
        this.thread.interrupt();
    }

    private byte[] decodeBase64StripWhitespace(String str) {
        return Base64.getDecoder().decode(str.replaceAll("\\s", ""));
    }

    private TrustManager[] initializeTrustManager(X509Certificate x509Certificate) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyStore.setCertificateEntry(ROOT_CA_CERT, x509Certificate);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(X_509);
        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers();
    }

    private KeyManager[] initializeKeyManager(Certificate[] certificateArr, PrivateKey privateKey) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        keyStore.setEntry("serverCert", new KeyStore.PrivateKeyEntry(privateKey, certificateArr), new KeyStore.PasswordProtection(new char[0]));
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, new char[0]);
        return keyManagerFactory.getKeyManagers();
    }
}
