package org.jetbrains.idea.maven.server.security.ssl;

import java.io.ByteArrayOutputStream;
import java.io.OutputStream;
import java.io.PrintStream;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.jetbrains.idea.maven.server.MavenServerGlobals;

/* loaded from: input_file:org/jetbrains/idea/maven/server/security/ssl/SslIDEConfirmingTrustStore.class */
public final class SslIDEConfirmingTrustStore {
    public static final String CHECK_CLIENT_TRUSTED = "----------checkClientTrusted----------";
    public static final String CHECK_SERVER_TRUSTED = "----------checkServerTrusted----------";
    public static final String IDE_DELEGATE_TRUST_MANAGER = "----------IdeDelegateTrustManager----------";
    public static final String DELEGATE_RESPONSE = "----------RESPONSE----------";
    public static final String DELEGATE_RESPONSE_OK = "----------OK----------";
    public static final String DELEGATE_RESPONSE_ERROR = "----------ERROR----------";
    private static final Multiplexor ourMultiplexor = new Multiplexor();
    public static final String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----";
    public static final String END_CERTIFICATE = "-----END CERTIFICATE-----";

    /* loaded from: input_file:org/jetbrains/idea/maven/server/security/ssl/SslIDEConfirmingTrustStore$IdeDelegateTrustManager.class */
    private static class IdeDelegateTrustManager implements X509TrustManager {
        private ConcurrentHashMap<TrustRequestKey, Boolean> succeed = new ConcurrentHashMap<>();
        private final List<X509TrustManager> myTrustManagers;

        IdeDelegateTrustManager() throws NoSuchAlgorithmException, KeyStoreException {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            this.myTrustManagers = new ArrayList();
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    this.myTrustManagers.add((X509TrustManager) trustManager);
                }
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            Iterator<X509TrustManager> it = this.myTrustManagers.iterator();
            while (it.hasNext()) {
                try {
                    it.next().checkClientTrusted(x509CertificateArr, str);
                    return;
                } catch (CertificateException e) {
                }
            }
            throw new CertificateException();
        }

        private void sendAndWaitForResponse(String str, Integer num) throws CertificateException {
            synchronized (this) {
                System.out.println(str);
            }
            SslIDEConfirmingTrustStore.ourMultiplexor.waitForResponse(num);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            Iterator<X509TrustManager> it = this.myTrustManagers.iterator();
            while (it.hasNext()) {
                try {
                    it.next().checkClientTrusted(x509CertificateArr, str);
                    return;
                } catch (CertificateException e) {
                }
            }
            TrustRequestKey trustRequestKey = new TrustRequestKey(x509CertificateArr, str);
            Boolean bool = this.succeed.get(trustRequestKey);
            if (bool == null || !bool.booleanValue()) {
                doCheckTrusted(x509CertificateArr, str, SslIDEConfirmingTrustStore.CHECK_SERVER_TRUSTED);
                this.succeed.put(trustRequestKey, Boolean.TRUE);
            }
        }

        private void doCheckTrusted(X509Certificate[] x509CertificateArr, String str, String str2) throws CertificateException {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            Integer key = SslIDEConfirmingTrustStore.ourMultiplexor.getKey();
            try {
                PrintStream printStream = new PrintStream((OutputStream) byteArrayOutputStream, false, "ISO-8859-1");
                try {
                    printStream.println(SslIDEConfirmingTrustStore.IDE_DELEGATE_TRUST_MANAGER);
                    printStream.println(str2);
                    printStream.println(key);
                    printStream.println(x509CertificateArr.length);
                    printStream.println(str);
                    for (X509Certificate x509Certificate : x509CertificateArr) {
                        printStream.println(SslIDEConfirmingTrustStore.BEGIN_CERTIFICATE);
                        try {
                            printStream.println(Base64.getMimeEncoder(80, "\n".getBytes(StandardCharsets.US_ASCII)).encodeToString(x509Certificate.getEncoded()));
                        } catch (CertificateEncodingException e) {
                            printStream.println("#ERROR: " + e.getMessage());
                        }
                        printStream.println(SslIDEConfirmingTrustStore.END_CERTIFICATE);
                    }
                    printStream.println(str2);
                    sendAndWaitForResponse(byteArrayOutputStream.toString("ISO-8859-1"), key);
                    printStream.close();
                } finally {
                }
            } catch (UnsupportedEncodingException e2) {
                throw new CertificateException("Unsupported encoding");
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    /* loaded from: input_file:org/jetbrains/idea/maven/server/security/ssl/SslIDEConfirmingTrustStore$TrustRequestKey.class */
    private static class TrustRequestKey {
        private final X509Certificate[] myChain;
        private final String myType;

        TrustRequestKey(X509Certificate[] x509CertificateArr, String str) {
            this.myChain = x509CertificateArr;
            this.myType = str;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (!(obj instanceof TrustRequestKey)) {
                return false;
            }
            TrustRequestKey trustRequestKey = (TrustRequestKey) obj;
            return Objects.deepEquals(this.myChain, trustRequestKey.myChain) && Objects.equals(this.myType, trustRequestKey.myType);
        }

        public int hashCode() {
            return Objects.hash(Integer.valueOf(Arrays.hashCode(this.myChain)), this.myType);
        }
    }

    public static void setup() {
        try {
            startMultiplexorThread();
            IdeDelegateTrustManager ideDelegateTrustManager = new IdeDelegateTrustManager();
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{ideDelegateTrustManager}, null);
            SSLContext.setDefault(sSLContext);
        } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException e) {
            MavenServerGlobals.getLogger().error(e);
        }
    }

    private static void startMultiplexorThread() {
        ourMultiplexor.start();
    }
}
