package com.unboundid.util.ssl;

import com.unboundid.util.Debug;
import com.unboundid.util.NotMutable;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;
import com.unboundid.util.ssl.cert.CertException;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintStream;
import java.nio.file.CopyOption;
import java.nio.file.Files;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.X509TrustManager;

@ThreadSafety(level = ThreadSafetyLevel.COMPLETELY_THREADSAFE)
@NotMutable
/* loaded from: input_file:WEB-INF/lib/unboundid-ldapsdk-4.0.14.jar:com/unboundid/util/ssl/PromptTrustManager.class */
public final class PromptTrustManager implements X509TrustManager {
    private static final X509Certificate[] NO_CERTIFICATES = new X509Certificate[0];
    private final boolean examineValidityDates;
    private final ConcurrentHashMap<String, Boolean> acceptedCerts;
    private final InputStream in;
    private final List<String> expectedAddresses;
    private final PrintStream out;
    private final String acceptedCertsFile;

    public PromptTrustManager() {
        this(null, true, null, null);
    }

    public PromptTrustManager(String str) {
        this(str, true, null, null);
    }

    public PromptTrustManager(String str, boolean z, InputStream inputStream, PrintStream printStream) {
        this(str, z, Collections.emptyList(), inputStream, printStream);
    }

    public PromptTrustManager(String str, boolean z, String str2, InputStream inputStream, PrintStream printStream) {
        this(str, z, str2 == null ? Collections.emptyList() : Collections.singletonList(str2), inputStream, printStream);
    }

    public PromptTrustManager(String str, boolean z, Collection<String> collection, InputStream inputStream, PrintStream printStream) {
        this.acceptedCertsFile = str;
        this.examineValidityDates = z;
        if (collection == null) {
            this.expectedAddresses = Collections.emptyList();
        } else {
            this.expectedAddresses = Collections.unmodifiableList(new ArrayList(collection));
        }
        if (inputStream == null) {
            this.in = System.in;
        } else {
            this.in = inputStream;
        }
        if (printStream == null) {
            this.out = System.out;
        } else {
            this.out = printStream;
        }
        this.acceptedCerts = new ConcurrentHashMap<>(StaticUtils.computeMapCapacity(20));
        if (str != null) {
            BufferedReader bufferedReader = null;
            try {
                try {
                    File file = new File(str);
                    if (file.exists()) {
                        bufferedReader = new BufferedReader(new FileReader(file));
                        while (true) {
                            String readLine = bufferedReader.readLine();
                            if (readLine == null) {
                                break;
                            } else {
                                this.acceptedCerts.put(readLine, false);
                            }
                        }
                    }
                    if (bufferedReader != null) {
                        try {
                            bufferedReader.close();
                        } catch (Exception e) {
                            Debug.debugException(e);
                        }
                    }
                } catch (Exception e2) {
                    Debug.debugException(e2);
                    if (bufferedReader != null) {
                        try {
                            bufferedReader.close();
                        } catch (Exception e3) {
                            Debug.debugException(e3);
                        }
                    }
                }
            } catch (Throwable th) {
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (Exception e4) {
                        Debug.debugException(e4);
                    }
                }
                throw th;
            }
        }
    }

    private void writeCacheFile() throws IOException {
        File file = new File(this.acceptedCertsFile + ".new");
        BufferedWriter bufferedWriter = null;
        try {
            bufferedWriter = new BufferedWriter(new FileWriter(file));
            Iterator<String> it = this.acceptedCerts.keySet().iterator();
            while (it.hasNext()) {
                bufferedWriter.write(it.next());
                bufferedWriter.newLine();
            }
            if (bufferedWriter != null) {
                bufferedWriter.close();
            }
            File file2 = new File(this.acceptedCertsFile);
            if (file2.exists()) {
                File file3 = new File(this.acceptedCertsFile + ".previous");
                if (file3.exists()) {
                    Files.delete(file3.toPath());
                }
                Files.move(file2.toPath(), file3.toPath(), new CopyOption[0]);
            }
            Files.move(file.toPath(), file2.toPath(), new CopyOption[0]);
        } catch (Throwable th) {
            if (bufferedWriter != null) {
                bufferedWriter.close();
            }
            throw th;
        }
    }

    public synchronized boolean wouldPrompt(X509Certificate[] x509CertificateArr) {
        try {
            return PromptTrustManagerProcessor.shouldPrompt(getCacheKey(x509CertificateArr[0]), convertChain(x509CertificateArr), false, this.examineValidityDates, this.acceptedCerts, null).getFirst().booleanValue();
        } catch (Exception e) {
            Debug.debugException(e);
            return false;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:58:0x03d2, code lost:
    
        throw new java.security.cert.CertificateException(com.unboundid.util.ssl.SSLMessages.ERR_CERTIFICATE_REJECTED_BY_USER.get(com.unboundid.util.ssl.SSLUtil.certificateToString(r10[0])));
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private synchronized void checkCertificateChain(java.security.cert.X509Certificate[] r10, boolean r11) throws java.security.cert.CertificateException {
        /*
            Method dump skipped, instructions count: 1082
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.unboundid.util.ssl.PromptTrustManager.checkCertificateChain(java.security.cert.X509Certificate[], boolean):void");
    }

    public boolean examineValidityDates() {
        return this.examineValidityDates;
    }

    public List<String> getExpectedAddresses() {
        return this.expectedAddresses;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        checkCertificateChain(x509CertificateArr, false);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        checkCertificateChain(x509CertificateArr, true);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return NO_CERTIFICATES;
    }

    static String getCacheKey(Certificate certificate) {
        return StaticUtils.toLowerCase(StaticUtils.toHex(((X509Certificate) certificate).getSignature()));
    }

    static com.unboundid.util.ssl.cert.X509Certificate[] convertChain(Certificate[] certificateArr) throws CertificateException {
        com.unboundid.util.ssl.cert.X509Certificate[] x509CertificateArr = new com.unboundid.util.ssl.cert.X509Certificate[certificateArr.length];
        for (int i = 0; i < certificateArr.length; i++) {
            try {
                x509CertificateArr[i] = new com.unboundid.util.ssl.cert.X509Certificate(certificateArr[i].getEncoded());
            } catch (CertException e) {
                Debug.debugException(e);
                throw new CertificateException(e.getMessage(), e);
            }
        }
        return x509CertificateArr;
    }
}
