package org.consensusj.jsonrpc;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Path;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/consensusj/jsonrpc/CompositeTrustManager.class */
public class CompositeTrustManager implements X509TrustManager {
    private static final Logger log = LoggerFactory.getLogger(CompositeTrustManager.class);
    private static final char[] password = {'c', 'h', 'a', 'n', 'g', 'e', 'i', 't'};
    private final List<X509TrustManager> trustManagerList;

    public CompositeTrustManager(InputStream inputStream) {
        ArrayList arrayList = new ArrayList();
        try {
            try {
                arrayList.add(getCustomTrustManager(inputStream));
                arrayList.add(getDefaultTrustManager());
                this.trustManagerList = arrayList;
            } catch (Exception e) {
                log.error("Exception: ", e);
                throw new RuntimeException(e);
            }
        } finally {
            try {
                inputStream.close();
            } catch (IOException e2) {
                log.error("Exception: ", e2);
            }
        }
    }

    public CompositeTrustManager(Path path) throws FileNotFoundException {
        this(new FileInputStream(path.toFile()));
    }

    public static SSLSocketFactory getCompositeSSLSocketFactory(Path path) throws NoSuchAlgorithmException, KeyManagementException, FileNotFoundException {
        return getSocketFactory(new CompositeTrustManager(path));
    }

    public static SSLSocketFactory getCompositeSSLSocketFactory(InputStream inputStream) throws NoSuchAlgorithmException, KeyManagementException {
        return getSocketFactory(new CompositeTrustManager(inputStream));
    }

    public static SSLSocketFactory getAlternateSSLSocketFactory(Path path) throws KeyStoreException, IOException, NoSuchAlgorithmException, KeyManagementException, CertificateException {
        return getAlternateSSLSocketFactory(new FileInputStream(path.toFile()));
    }

    public static SSLSocketFactory getAlternateSSLSocketFactory(InputStream inputStream) throws KeyStoreException, IOException, NoSuchAlgorithmException, KeyManagementException, CertificateException {
        return getSocketFactory(getCustomTrustManager(inputStream));
    }

    private static SSLSocketFactory getSocketFactory(TrustManager trustManager) throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{trustManager}, null);
        return sSLContext.getSocketFactory();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        Iterator<X509TrustManager> it = this.trustManagerList.iterator();
        while (it.hasNext()) {
            try {
                it.next().checkClientTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e) {
            }
        }
        throw new CertificateException("None of the TrustManagers trust this certificate chain");
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        Iterator<X509TrustManager> it = this.trustManagerList.iterator();
        while (it.hasNext()) {
            try {
                it.next().checkServerTrusted(x509CertificateArr, str);
                return;
            } catch (CertificateException e) {
            }
        }
        throw new CertificateException("None of the TrustManagers trust this certificate chain");
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        ArrayList arrayList = new ArrayList();
        Iterator<X509TrustManager> it = this.trustManagerList.iterator();
        while (it.hasNext()) {
            arrayList.addAll(Arrays.asList(it.next().getAcceptedIssuers()));
        }
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
    }

    private static X509TrustManager getCustomTrustManager(InputStream inputStream) throws CertificateException, KeyStoreException, NoSuchAlgorithmException, IOException {
        return createTrustManager(inputStream);
    }

    private static X509TrustManager getDefaultTrustManager() throws CertificateException, KeyStoreException, NoSuchAlgorithmException, IOException {
        return createTrustManager(null);
    }

    private static X509TrustManager createTrustManager(InputStream inputStream) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(inputStream, password);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        throw new CertificateException("No X509TrustManager available");
    }
}
