package com.unboundid.util.ssl;

import com.unboundid.util.Debug;
import com.unboundid.util.NotMutable;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintStream;
import java.security.MessageDigest;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Iterator;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.apache.logging.log4j.message.ParameterizedMessage;

@ThreadSafety(level = ThreadSafetyLevel.COMPLETELY_THREADSAFE)
@NotMutable
/* loaded from: input_file:lib/unboundid-ldapsdk-4.0.2.jar:com/unboundid/util/ssl/PromptTrustManager.class */
public final class PromptTrustManager implements X509TrustManager {
    private static final MessageDigest MD5;
    private static final MessageDigest SHA1;
    private static final MessageDigest SHA256;
    private static final X509Certificate[] NO_CERTIFICATES = new X509Certificate[0];
    private final boolean examineValidityDates;
    private final ConcurrentHashMap<String, Boolean> acceptedCerts;
    private final InputStream in;
    private final PrintStream out;
    private final String acceptedCertsFile;

    public PromptTrustManager() {
        this(null, true, null, null);
    }

    public PromptTrustManager(String str) {
        this(str, true, null, null);
    }

    public PromptTrustManager(String str, boolean z, InputStream inputStream, PrintStream printStream) {
        this.acceptedCertsFile = str;
        this.examineValidityDates = z;
        if (inputStream == null) {
            this.in = System.in;
        } else {
            this.in = inputStream;
        }
        if (printStream == null) {
            this.out = System.out;
        } else {
            this.out = printStream;
        }
        this.acceptedCerts = new ConcurrentHashMap<>();
        if (str != null) {
            BufferedReader bufferedReader = null;
            try {
                try {
                    File file = new File(str);
                    if (file.exists()) {
                        bufferedReader = new BufferedReader(new FileReader(file));
                        while (true) {
                            String readLine = bufferedReader.readLine();
                            if (readLine == null) {
                                break;
                            } else {
                                this.acceptedCerts.put(readLine, false);
                            }
                        }
                    }
                    if (bufferedReader != null) {
                        try {
                            bufferedReader.close();
                        } catch (Exception e) {
                            Debug.debugException(e);
                        }
                    }
                } catch (Throwable th) {
                    if (bufferedReader != null) {
                        try {
                            bufferedReader.close();
                        } catch (Exception e2) {
                            Debug.debugException(e2);
                        }
                    }
                    throw th;
                }
            } catch (Exception e3) {
                Debug.debugException(e3);
                if (bufferedReader != null) {
                    try {
                        bufferedReader.close();
                    } catch (Exception e4) {
                        Debug.debugException(e4);
                    }
                }
            }
        }
    }

    private void writeCacheFile() throws IOException {
        File file = new File(this.acceptedCertsFile + ".new");
        BufferedWriter bufferedWriter = null;
        try {
            bufferedWriter = new BufferedWriter(new FileWriter(file));
            Iterator<String> it = this.acceptedCerts.keySet().iterator();
            while (it.hasNext()) {
                bufferedWriter.write(it.next());
                bufferedWriter.newLine();
            }
            if (bufferedWriter != null) {
                bufferedWriter.close();
            }
            File file2 = new File(this.acceptedCertsFile);
            if (file2.exists()) {
                File file3 = new File(this.acceptedCertsFile + ".previous");
                if (file3.exists()) {
                    file3.delete();
                }
                file2.renameTo(file3);
            }
            file.renameTo(file2);
        } catch (Throwable th) {
            if (bufferedWriter != null) {
                bufferedWriter.close();
            }
            throw th;
        }
    }

    public synchronized boolean wouldPrompt(X509Certificate[] x509CertificateArr) {
        X509Certificate x509Certificate = x509CertificateArr[0];
        Boolean bool = this.acceptedCerts.get(StaticUtils.toLowerCase(StaticUtils.toHex(x509Certificate.getSignature())));
        if (bool == null) {
            return true;
        }
        if (bool.booleanValue() || !this.examineValidityDates) {
            return false;
        }
        Date date = new Date();
        return (date.before(x509Certificate.getNotBefore()) || date.after(x509Certificate.getNotAfter())) ? false : true;
    }

    /* JADX WARN: Code restructure failed: missing block: B:49:0x030b, code lost:
    
        r0 = com.unboundid.util.StaticUtils.toLowerCase(com.unboundid.util.StaticUtils.toHex(r0.getSignature()));
        r0 = r9.acceptedCerts;
     */
    /* JADX WARN: Code restructure failed: missing block: B:50:0x031f, code lost:
    
        if (r12 == null) goto L62;
     */
    /* JADX WARN: Code restructure failed: missing block: B:51:0x0322, code lost:
    
        r2 = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:52:0x0327, code lost:
    
        r0.put(r0, java.lang.Boolean.valueOf(r2));
     */
    /* JADX WARN: Code restructure failed: missing block: B:53:0x0332, code lost:
    
        if (r9.acceptedCertsFile == null) goto L83;
     */
    /* JADX WARN: Code restructure failed: missing block: B:55:0x0335, code lost:
    
        writeCacheFile();
     */
    /* JADX WARN: Code restructure failed: missing block: B:57:?, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:58:0x033c, code lost:
    
        r17 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:59:0x033e, code lost:
    
        com.unboundid.util.Debug.debugException(r17);
     */
    /* JADX WARN: Code restructure failed: missing block: B:60:0x0343, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:61:?, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:62:0x0326, code lost:
    
        r2 = false;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private synchronized void checkCertificateChain(java.security.cert.X509Certificate[] r10, boolean r11) throws java.security.cert.CertificateException {
        /*
            Method dump skipped, instructions count: 836
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.unboundid.util.ssl.PromptTrustManager.checkCertificateChain(java.security.cert.X509Certificate[], boolean):void");
    }

    private static String getFingerprint(X509Certificate x509Certificate, MessageDigest messageDigest) throws CertificateException {
        byte[] digest;
        byte[] encoded = x509Certificate.getEncoded();
        synchronized (messageDigest) {
            digest = messageDigest.digest(encoded);
        }
        StringBuilder sb = new StringBuilder(3 * encoded.length);
        StaticUtils.toHex(digest, ParameterizedMessage.ERROR_MSG_SEPARATOR, sb);
        return sb.toString();
    }

    public boolean examineValidityDates() {
        return this.examineValidityDates;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        checkCertificateChain(x509CertificateArr, false);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        checkCertificateChain(x509CertificateArr, true);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return NO_CERTIFICATES;
    }

    static {
        try {
            MD5 = MessageDigest.getInstance(MessageDigestAlgorithms.MD5);
            try {
                SHA1 = MessageDigest.getInstance("SHA-1");
                try {
                    SHA256 = MessageDigest.getInstance("SHA-256");
                } catch (Exception e) {
                    Debug.debugException(e);
                    throw new RuntimeException(e);
                }
            } catch (Exception e2) {
                Debug.debugException(e2);
                throw new RuntimeException(e2);
            }
        } catch (Exception e3) {
            Debug.debugException(e3);
            throw new RuntimeException(e3);
        }
    }
}
