package org.openanzo.client;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.GregorianCalendar;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.openanzo.client.cli.CommandContext;
import org.openanzo.client.cli.CommandLineInterface;
import org.openanzo.exceptions.AnzoException;
import org.openanzo.exceptions.AnzoRuntimeException;
import org.openanzo.exceptions.ExceptionConstants;
import org.openanzo.rdf.utils.KeystoreUtils;

/* loaded from: input_file:org/openanzo/client/AnzoTrustManager.class */
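/**
 * {@link X509TrustManager} for the command-line client that delegates validation to a
 * SunX509 trust manager built from a truststore file and, when validation fails, asks the
 * user on the console whether to accept the certificate once, persist it, or refuse.
 *
 * <p>Security-relevant behaviour to keep in mind when reviewing callers:
 * <ul>
 *   <li>With {@code trustAll} set, every certificate that fails validation is accepted
 *       without any prompt or log line, so the TLS peer is effectively unauthenticated.</li>
 *   <li>The "(o)nce" and "(a)lways" answers turn a validation failure into success; the
 *       decision rests entirely on the operator comparing the printed fingerprints with a
 *       value obtained out of band.</li>
 *   <li>The truststore password falls back to a constant compiled into this class, so the
 *       store's integrity check offers no protection against anyone able to write the file.</li>
 * </ul>
 */
public class AnzoTrustManager implements X509TrustManager {
    private static final String[] MONTHS = {"January", "February", "March", "April", "May", "June", "July", "August", "September", "October", "November", "December"};
    private static final String ANZO_DIR = ".anzo";
    private static final String DEFAULT_CLIENT_TRUST = "client.ts";

    /**
     * Fallback truststore password used when {@code javax.net.ssl.trustStorePassword} is not
     * set. A compile-time constant is not a secret: whoever can write the truststore file can
     * add trust anchors to it, so its integrity depends on filesystem permissions. The value
     * is left unchanged because truststores generated under this default are opened with it.
     */
    private static final String DEFAULT_PWORD = "p@ssw0rd";

    private final X509TrustManager x509tm;
    private final boolean trustAll;
    private final boolean showTrace;

    /**
     * Creates a trust manager configured purely from the {@code javax.net.ssl.*} system
     * properties (or the defaults described on the five-argument constructor).
     *
     * @param z  {@code true} to accept every certificate that fails validation, silently
     * @param z2 {@code true} to print stack traces when console or import errors occur
     * @throws AnzoException if the truststore cannot be located or loaded
     */
    public AnzoTrustManager(boolean z, boolean z2) throws AnzoException {
        this(z, null, null, null, z2);
    }

    /**
     * Creates a trust manager backed by the given truststore, falling back per argument to
     * the matching system property and then to a built-in default.
     *
     * @param z    {@code true} to accept every certificate that fails validation, silently
     * @param str  truststore path; {@code null} uses {@code javax.net.ssl.trustStore}, then
     *             {@code ~/.anzo/client.ts} if that file exists
     * @param str2 truststore type; {@code null} uses {@code javax.net.ssl.trustStoreType},
     *             then {@code JCEKS}
     * @param str3 truststore password; {@code null} uses
     *             {@code javax.net.ssl.trustStorePassword}, then the built-in default
     * @param z2   {@code true} to print stack traces when console or import errors occur
     * @throws AnzoException if the truststore cannot be located or loaded
     */
    public AnzoTrustManager(boolean z, String str, String str2, String str3, boolean z2) throws AnzoException {
        this.trustAll = z;
        this.showTrace = z2;
        String storePath = str != null ? str : CommandContext.preprocessString(System.getProperty("javax.net.ssl.trustStore"));
        if (storePath == null) {
            storePath = existingDefaultTrustStorePath();
        }
        String storeType = str2 != null ? str2 : System.getProperty("javax.net.ssl.trustStoreType", "JCEKS");
        String storePassword = str3 != null ? str3 : System.getProperty("javax.net.ssl.trustStorePassword", DEFAULT_PWORD);
        this.x509tm = loadDelegate(storePath, storeType, storePassword);
    }

    /**
     * Returns the canonical path of {@code ~/.anzo/client.ts} when that file exists.
     *
     * @return the canonical path, or {@code null} if {@code user.home} is unset or the file
     *         is absent
     * @throws AnzoException if the path cannot be resolved or inspected
     */
    private static String existingDefaultTrustStorePath() throws AnzoException {
        String home = System.getProperty("user.home");
        if (home == null) {
            return null;
        }
        try {
            File defaultStore = new File(new File(home, ANZO_DIR), DEFAULT_CLIENT_TRUST);
            return defaultStore.exists() ? defaultStore.getCanonicalPath() : null;
        } catch (IOException | SecurityException e) {
            throw new AnzoException(ExceptionConstants.CLIENT.FAILED_INITIALIZE_TRUST_MANAGER, e, "Failed to initialize the AnzoTrustManager");
        }
    }

    /**
     * Loads the truststore (when the file exists) and returns the first
     * {@link X509TrustManager} the SunX509 factory produces for it.
     *
     * @throws AnzoException if the keystore type, file, password or provider is unusable
     */
    private static X509TrustManager loadDelegate(String storePath, String storeType, String storePassword) throws AnzoException {
        TrustManager[] candidates;
        try {
            KeyStore keyStore = KeyStore.getInstance(storeType);
            if (storePath != null && storePassword != null) {
                File storeFile = new File(storePath);
                if (storeFile.exists()) {
                    // try-with-resources closes the stream on both the success and failure path.
                    try (FileInputStream in = new FileInputStream(storeFile)) {
                        keyStore.load(in, storePassword.toCharArray());
                    }
                }
            }
            // NOTE(review): when no truststore file was found the KeyStore reaches init()
            // without load() having been called; presumably the factory then yields a trust
            // manager with no anchors, so every peer certificate ends up at the console
            // prompt. Confirm against the JSSE provider in use.
            TrustManagerFactory factory = TrustManagerFactory.getInstance("SunX509", "SunJSSE");
            factory.init(keyStore);
            candidates = factory.getTrustManagers();
        } catch (GeneralSecurityException | IOException e) {
            throw new AnzoException(ExceptionConstants.CLIENT.FAILED_INITIALIZE_TRUST_MANAGER, e, "Failed to initialize the AnzoTrustManager");
        }
        for (TrustManager candidate : candidates) {
            if (candidate instanceof X509TrustManager) {
                return (X509TrustManager) candidate;
            }
        }
        throw new AnzoRuntimeException(ExceptionConstants.CLIENT.FAILED_INITIALIZE_TRUST_MANAGER, "The default Java Trust Manager was not found");
    }

    /**
     * Validates a client chain with the delegate; a validation failure is routed to
     * {@link #handleCertificateException}, which may accept the chain anyway.
     */
    @Override
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            this.x509tm.checkClientTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            handleCertificateException(e, x509CertificateArr);
        }
    }

    /**
     * Validates a server chain with the delegate; a validation failure is routed to
     * {@link #handleCertificateException}, which may accept the chain anyway.
     */
    @Override
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        try {
            this.x509tm.checkServerTrusted(x509CertificateArr, str);
        } catch (CertificateException e) {
            handleCertificateException(e, x509CertificateArr);
        }
    }

    /** Returns the issuers accepted by the delegate trust manager. */
    @Override
    public X509Certificate[] getAcceptedIssuers() {
        return this.x509tm.getAcceptedIssuers();
    }

    /**
     * Decides what happens to a chain the delegate rejected. Returning normally means the
     * chain is accepted.
     *
     * <p>With {@code trustAll} the method returns at once. Otherwise the chain is printed and
     * the operator is prompted: "o" accepts for this check only, "a" also imports the leaf
     * certificate into the truststore, anything else terminates the JVM. End of input or an
     * empty line counts as a refusal, so a non-interactive run fails closed.
     *
     * @param certificateException the validation failure reported by the delegate
     * @param x509CertificateArr   the rejected chain, leaf first
     * @throws CertificateException if the chain is empty or the refusal path does not
     *                              terminate the JVM
     */
    private void handleCertificateException(CertificateException certificateException, X509Certificate[] x509CertificateArr) throws CertificateException {
        if (this.trustAll) {
            // Accepted silently: nothing is printed, so an unexpected certificate leaves no trace.
            return;
        }
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            // Nothing to show the operator, so there is nothing they could knowingly accept.
            throw certificateException;
        }
        System.err.println(certificateException.getMessage());
        printChain(x509CertificateArr);
        System.err.println("Would you like to accept this certificate? (o)nce, (a)lways, (n)o");
        // Deliberately not closed: closing the reader would close System.in for the process.
        BufferedReader console = new BufferedReader(new InputStreamReader(System.in));
        char choice = readChoice(console);
        if (choice == 'o') {
            return;
        }
        if (choice != 'a') {
            System.exit(1);
            // Only reached if exit did not terminate the JVM; rethrow so the chain stays rejected.
            throw certificateException;
        }
        try {
            // NOTE(review): the import target is taken from the system properties only. A
            // path, type or password passed to the five-argument constructor is not consulted
            // here, so the certificate may be written to a different store than the one that
            // was loaded for validation.
            String storeType = System.getProperty("javax.net.ssl.trustStoreType", "JCEKS");
            String storePassword = System.getProperty("javax.net.ssl.trustStorePassword", DEFAULT_PWORD);
            String configuredPath = System.getProperty("javax.net.ssl.trustStore");
            String storePath;
            if (configuredPath == null) {
                String home = System.getProperty("user.home");
                if (home == null) {
                    throw new AnzoException(ExceptionConstants.CLIENT.FAILED_INITIALIZE_TRUST_MANAGER, "User's home directory is not specified");
                }
                File defaultStore = new File(new File(home, ANZO_DIR), DEFAULT_CLIENT_TRUST);
                storePath = defaultStore.getCanonicalPath();
                if (!defaultStore.exists()) {
                    openTruststore(storeType, storePath, storePassword);
                }
            } else {
                storePath = CommandContext.preprocessString(configuredPath);
                File configuredStore = new File(storePath);
                if (!configuredStore.exists()) {
                    System.err.println("Could not find the specified trust store file at:");
                    System.err.println(configuredStore.getCanonicalPath());
                    System.err.println("The trust store file is used for permanently trusting server certificates that");
                    System.err.println("are not trusted by default.");
                    System.err.println("Would you like to create a new trust store file at the specified location?");
                    System.err.println("(y)es, (n)o");
                    if (readChoice(console) == 'y') {
                        openTruststore(storeType, storePath, storePassword);
                    } else {
                        System.exit(1);
                        throw certificateException;
                    }
                }
            }
            // Only the leaf certificate is persisted, under a timestamp-derived alias.
            KeystoreUtils.addTrustedCert(storePath, storeType, storePassword, "imported_" + System.currentTimeMillis(), x509CertificateArr[0]);
        } catch (IOException e) {
            System.err.println("Error importing certificate into truststore: ");
            CommandLineInterface.DEFAULT_CONSOLE.printException(e, this.showTrace);
            System.exit(1);
        } catch (AnzoException e) {
            System.err.println("Error importing certificate into truststore: ");
            CommandLineInterface.DEFAULT_CONSOLE.printException(e, this.showTrace);
            System.exit(1);
        }
    }

    /**
     * Reads one line from the console and returns its first character in lower case.
     *
     * @return the answer character, or {@code 'n'} when the input is at end of stream or the
     *         line is empty, so that a missing answer is never treated as consent
     */
    private char readChoice(BufferedReader console) {
        String line = null;
        try {
            line = console.readLine();
        } catch (IOException e) {
            CommandLineInterface.DEFAULT_CONSOLE.printException(e, this.showTrace);
            System.exit(1);
        }
        if (line == null || line.isEmpty()) {
            return 'n';
        }
        return Character.toLowerCase(line.charAt(0));
    }

    /**
     * Prints the rejected chain to standard error so the operator can compare it with a
     * fingerprint obtained out of band.
     *
     * @param chain the non-empty certificate chain, leaf first
     * @throws CertificateException if a certificate cannot be encoded for fingerprinting
     */
    private static void printChain(X509Certificate[] chain) throws CertificateException {
        System.err.println("Certificate Information: \n");
        GregorianCalendar notBefore = new GregorianCalendar();
        notBefore.setTimeInMillis(chain[0].getNotBefore().getTime());
        System.err.println("Creation Date: " + MONTHS[notBefore.get(Calendar.MONTH)] + " " + notBefore.get(Calendar.DAY_OF_MONTH) + ", " + notBefore.get(Calendar.YEAR));
        System.err.println("Certificate chain length: " + chain.length);
        for (int index = 0; index < chain.length; index++) {
            X509Certificate certificate = chain[index];
            System.err.println("Certificate[" + (index + 1) + "]:");
            System.err.println("Owner: " + certificate.getSubjectX500Principal().toString());
            System.err.println("Issuer: " + certificate.getIssuerX500Principal().toString());
            System.err.println("Serial Number: " + Hex.encodeHexString(certificate.getSerialNumber().toByteArray()));
            System.err.println("Valid from: " + certificate.getNotBefore().toString() + " until: " + certificate.getNotAfter().toString());
            System.err.println("Certificate fingerprints: ");
            byte[] encoded = certificate.getEncoded();
            System.err.println("\tMD5: " + DigestUtils.md5Hex(encoded));
            System.err.println("\tSHA1: " + DigestUtils.sha1Hex(encoded));
            // MD5 and SHA-1 are not collision resistant; SHA-256 is the value to compare
            // when deciding whether to trust the certificate.
            System.err.println("\tSHA256: " + DigestUtils.sha256Hex(encoded));
            System.err.println("\tSignature Algorithm Name: " + certificate.getSigAlgName());
            System.err.println("\tVersion: " + certificate.getVersion());
            System.err.println("-----------------------------------------------------");
        }
    }

    /**
     * Generates the truststore via {@link KeystoreUtils#generateTruststore}, printing a hint
     * about the likely cause before rethrowing a failure.
     *
     * @param str  truststore type
     * @param str2 truststore file path
     * @param str3 truststore password
     * @throws AnzoException if the truststore cannot be generated
     */
    private static void openTruststore(String str, String str2, String str3) throws AnzoException {
        try {
            KeystoreUtils.generateTruststore(str, str2, str3);
        } catch (AnzoException e) {
            System.err.println("Could not open trust store file at:");
            System.err.println(str2);
            System.err.println("The password or truststore type settings may be incorrect or the trust store file is invalid.");
            throw e;
        }
    }
}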
