package gigahorse;

import com.typesafe.sslconfig.ssl.AlgorithmChecker;
import com.typesafe.sslconfig.ssl.AlgorithmConstraint;
import com.typesafe.sslconfig.ssl.AlgorithmConstraintsParser$;
import com.typesafe.sslconfig.ssl.ConfigSSLContextBuilder;
import com.typesafe.sslconfig.ssl.DefaultKeyManagerFactoryWrapper;
import com.typesafe.sslconfig.ssl.DefaultTrustManagerFactoryWrapper;
import com.typesafe.sslconfig.ssl.KeyManagerFactoryWrapper;
import com.typesafe.sslconfig.ssl.SSLConfigSettings;
import com.typesafe.sslconfig.ssl.TrustManagerFactoryWrapper;
import com.typesafe.sslconfig.util.NoopLogger$;
import java.security.KeyStore;
import java.security.cert.CertPathValidatorException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import scala.Array$;
import scala.None$;
import scala.Option;
import scala.Option$;
import scala.Predef$;
import scala.Tuple2;
import scala.collection.TraversableOnce;
import scala.collection.immutable.Nil$;
import scala.collection.immutable.Seq$;
import scala.collection.mutable.ArrayOps;
import scala.reflect.ClassTag$;
import scala.runtime.BoxedUnit;

/* compiled from: SSL.scala */
/* loaded from: input_file:gigahorse/SSL$.class */
public final class SSL$ {
    public static SSL$ MODULE$;
    private X509TrustManager insecureTrustManager;
    private HostnameVerifier insecureHostnameVerifier;
    private volatile byte bitmap$0;

    static {
        new SSL$();
    }

    public Tuple2<SSLContext, Option<TrustManager>> buildContext(SSLConfigSettings sSLConfigSettings) {
        if (sSLConfigSettings.m854default()) {
            validateDefaultTrustManager(sSLConfigSettings);
            return new Tuple2<>(SSLContext.getDefault(), None$.MODULE$);
        }
        KeyManagerFactoryWrapper buildKeyManagerFactory = buildKeyManagerFactory(sSLConfigSettings);
        TrustManagerFactoryWrapper buildTrustManagerFactory = buildTrustManagerFactory(sSLConfigSettings);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(sSLConfigSettings.trustManagerConfig().algorithm());
        trustManagerFactory.init((KeyStore) null);
        return new Tuple2<>(new ConfigSSLContextBuilder(NoopLogger$.MODULE$.factory(), sSLConfigSettings, buildKeyManagerFactory, buildTrustManagerFactory).build(), Option$.MODULE$.apply((X509TrustManager) trustManagerFactory.getTrustManagers()[0]));
    }

    public KeyManagerFactoryWrapper buildKeyManagerFactory(SSLConfigSettings sSLConfigSettings) {
        return new DefaultKeyManagerFactoryWrapper(sSLConfigSettings.keyManagerConfig().algorithm());
    }

    public TrustManagerFactoryWrapper buildTrustManagerFactory(SSLConfigSettings sSLConfigSettings) {
        return new DefaultTrustManagerFactoryWrapper(sSLConfigSettings.trustManagerConfig().algorithm());
    }

    public void validateDefaultTrustManager(SSLConfigSettings sSLConfigSettings) {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        X509TrustManager x509TrustManager = (X509TrustManager) trustManagerFactory.getTrustManagers()[0];
        AlgorithmChecker algorithmChecker = new AlgorithmChecker(NoopLogger$.MODULE$.factory(), Predef$.MODULE$.Set().apply(Nil$.MODULE$), ((TraversableOnce) sSLConfigSettings.disabledKeyAlgorithms().map(str -> {
            return (AlgorithmConstraint) AlgorithmConstraintsParser$.MODULE$.parseAll(AlgorithmConstraintsParser$.MODULE$.expression(), str).get();
        }, Seq$.MODULE$.canBuildFrom())).toSet());
        new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps(x509TrustManager.getAcceptedIssuers())).foreach(x509Certificate -> {
            $anonfun$validateDefaultTrustManager$2(algorithmChecker, x509Certificate);
            return BoxedUnit.UNIT;
        });
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0 */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v10, types: [gigahorse.SSL$] */
    private X509TrustManager insecureTrustManager$lzycompute() {
        ?? r0 = this;
        synchronized (r0) {
            if (((byte) (this.bitmap$0 & 1)) == 0) {
                this.insecureTrustManager = new X509TrustManager() { // from class: gigahorse.SSL$$anon$1
                    @Override // javax.net.ssl.X509TrustManager
                    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                    }

                    @Override // javax.net.ssl.X509TrustManager
                    public X509Certificate[] getAcceptedIssuers() {
                        return (X509Certificate[]) Array$.MODULE$.apply(Nil$.MODULE$, ClassTag$.MODULE$.apply(X509Certificate.class));
                    }
                };
                r0 = this;
                r0.bitmap$0 = (byte) (this.bitmap$0 | 1);
            }
        }
        return this.insecureTrustManager;
    }

    public X509TrustManager insecureTrustManager() {
        return ((byte) (this.bitmap$0 & 1)) == 0 ? insecureTrustManager$lzycompute() : this.insecureTrustManager;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0 */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v10, types: [gigahorse.SSL$] */
    private HostnameVerifier insecureHostnameVerifier$lzycompute() {
        ?? r0 = this;
        synchronized (r0) {
            if (((byte) (this.bitmap$0 & 2)) == 0) {
                this.insecureHostnameVerifier = new HostnameVerifier() { // from class: gigahorse.SSL$$anon$2
                    @Override // javax.net.ssl.HostnameVerifier
                    public boolean verify(String str, SSLSession sSLSession) {
                        return true;
                    }
                };
                r0 = this;
                r0.bitmap$0 = (byte) (this.bitmap$0 | 2);
            }
        }
        return this.insecureHostnameVerifier;
    }

    public HostnameVerifier insecureHostnameVerifier() {
        return ((byte) (this.bitmap$0 & 2)) == 0 ? insecureHostnameVerifier$lzycompute() : this.insecureHostnameVerifier;
    }

    public static final /* synthetic */ void $anonfun$validateDefaultTrustManager$2(AlgorithmChecker algorithmChecker, X509Certificate x509Certificate) {
        try {
            algorithmChecker.checkKeyAlgorithms(x509Certificate);
        } catch (CertPathValidatorException unused) {
        }
    }

    private SSL$() {
        MODULE$ = this;
    }
}
