package org.pkl.core.runtime;

import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:org/pkl/core/runtime/CertificateUtils.class */
public class CertificateUtils {
    public static void setupAllX509CertificatesGlobally(List<Object> list) {
        try {
            ArrayList arrayList = new ArrayList(list.size());
            Iterator<Object> it = list.iterator();
            while (it.hasNext()) {
                InputStream inputStream = toInputStream(it.next());
                try {
                    arrayList.addAll(generateCertificates(inputStream));
                    if (inputStream != null) {
                        inputStream.close();
                    }
                } finally {
                }
            }
            setupX509CertificatesGlobally(arrayList);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private static InputStream toInputStream(Object obj) throws IOException {
        if (obj instanceof Path) {
            return Files.newInputStream((Path) obj, new OpenOption[0]);
        }
        if (obj instanceof InputStream) {
            return (InputStream) obj;
        }
        throw new IllegalArgumentException("Unknown class for certificate: " + obj.getClass() + ". Valid types: java.nio.Path, java.io.InputStream");
    }

    private static Collection<X509Certificate> generateCertificates(InputStream inputStream) throws CertificateException {
        return CertificateFactory.getInstance("X.509").generateCertificates(inputStream);
    }

    private static void setupX509CertificatesGlobally(Collection<X509Certificate> collection) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException, KeyManagementException {
        System.setProperty("com.sun.net.ssl.checkRevocation", "true");
        Security.setProperty("ocsp.enable", "true");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        int i = 1;
        Iterator<X509Certificate> it = collection.iterator();
        while (it.hasNext()) {
            int i2 = i;
            i++;
            keyStore.setCertificateEntry("Certificate" + i2, it.next());
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        SSLContext sSLContext = SSLContext.getInstance("SSL");
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
    }
}
