package com.intellij.util.net.ssl;

import com.intellij.openapi.application.Application;
import com.intellij.openapi.application.ApplicationManager;
import com.intellij.openapi.application.ModalityState;
import com.intellij.openapi.application.PathManager;
import com.intellij.openapi.components.PersistentStateComponent;
import com.intellij.openapi.components.State;
import com.intellij.openapi.components.Storage;
import com.intellij.openapi.diagnostic.Logger;
import com.intellij.openapi.ui.DialogWrapper;
import com.intellij.openapi.util.ThrowableComputable;
import com.intellij.openapi.util.io.FileUtil;
import com.intellij.openapi.util.io.StreamUtil;
import com.intellij.openapi.util.registry.Registry;
import com.intellij.util.net.ssl.ConfirmingTrustManager;
import com.intellij.util.xmlb.XmlSerializerUtil;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.concurrent.Callable;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicReference;
import javax.crypto.BadPaddingException;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;
import org.jetbrains.annotations.NonNls;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

@State(name = "CertificateManager", storages = {@Storage("certificates.xml"), @Storage(value = "other.xml", deprecated = true)})
/* loaded from: input_file:com/intellij/util/net/ssl/CertificateManager.class */
public class CertificateManager implements PersistentStateComponent<Config> {

    @NonNls
    public static final String COMPONENT_NAME = "Certificate Manager";

    @NonNls
    public static final String DEFAULT_PASSWORD = "changeit";
    static final long DIALOG_VISIBILITY_TIMEOUT = 5000;
    private final String myCacertsPath = DEFAULT_PATH;
    private final String myPassword = DEFAULT_PASSWORD;
    private final Config myConfig = new Config();
    private final ConfirmingTrustManager myTrustManager = ConfirmingTrustManager.createForStorage(this.myCacertsPath, this.myPassword);
    private SSLContext mySslContext;

    @NonNls
    public static final String DEFAULT_PATH = FileUtil.join(PathManager.getSystemPath(), "tasks", "cacerts");
    private static final Logger LOG = Logger.getInstance(CertificateManager.class);

    @Deprecated
    public static final HostnameVerifier HOSTNAME_VERIFIER = new BrowserCompatHostnameVerifier();

    /* loaded from: input_file:com/intellij/util/net/ssl/CertificateManager$Config.class */
    public static class Config {
        public boolean ACCEPT_AUTOMATICALLY = false;
    }

    public static CertificateManager getInstance() {
        return (CertificateManager) ApplicationManager.getApplication().getComponent(CertificateManager.class);
    }

    public CertificateManager() {
        try {
            if (Registry.is("ide.certificate.manager")) {
                SSLContext.setDefault(getSslContext());
                LOG.info("Default SSL context initialized");
            }
        } catch (Exception e) {
            LOG.error((Throwable) e);
        }
    }

    @NotNull
    public synchronized SSLContext getSslContext() {
        if (this.mySslContext == null) {
            SSLContext systemSslContext = getSystemSslContext();
            if (Registry.is("ide.certificate.manager")) {
                try {
                    systemSslContext.init(getDefaultKeyManagers(), new TrustManager[]{getTrustManager()}, null);
                } catch (KeyManagementException e) {
                    LOG.error((Throwable) e);
                }
            } else {
                systemSslContext = getDefaultSslContext();
            }
            this.mySslContext = systemSslContext;
        }
        SSLContext sSLContext = this.mySslContext;
        if (sSLContext == null) {
            $$$reportNull$$$0(0);
        }
        return sSLContext;
    }

    @NotNull
    public static SSLContext getSystemSslContext() {
        try {
            SSLContext sSLContext = SSLContext.getInstance(CertificateUtil.TLS);
            sSLContext.init(null, null, null);
            if (sSLContext == null) {
                $$$reportNull$$$0(1);
            }
            return sSLContext;
        } catch (KeyManagementException e) {
            LOG.error((Throwable) e);
            throw new AssertionError("Cannot initialize system SSL context");
        } catch (NoSuchAlgorithmException e2) {
            LOG.error((Throwable) e2);
            throw new AssertionError("Cannot get system SSL context");
        }
    }

    @NotNull
    private static SSLContext getDefaultSslContext() {
        try {
            SSLContext sSLContext = SSLContext.getDefault();
            if (sSLContext == null) {
                $$$reportNull$$$0(2);
            }
            return sSLContext;
        } catch (NoSuchAlgorithmException e) {
            LOG.error("Default SSL context not available. Using system instead.");
            SSLContext systemSslContext = getSystemSslContext();
            if (systemSslContext == null) {
                $$$reportNull$$$0(3);
            }
            return systemSslContext;
        }
    }

    @Nullable
    public static KeyManager[] getDefaultKeyManagers() {
        String property = System.getProperty("javax.net.ssl.keyStore");
        if (property == null) {
            return null;
        }
        LOG.info("Loading custom key store specified with VM options: " + property);
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            String property2 = System.getProperty("javax.net.ssl.keyStoreType", KeyStore.getDefaultType());
            try {
                KeyStore keyStore = KeyStore.getInstance(property2);
                String property3 = System.getProperty("javax.net.ssl.keyStorePassword", "");
                FileInputStream fileInputStream = null;
                try {
                    try {
                        try {
                            fileInputStream = new FileInputStream(property);
                            keyStore.load(fileInputStream, property3.toCharArray());
                            keyManagerFactory.init(keyStore, property3.toCharArray());
                            StreamUtil.closeStream(fileInputStream);
                            return keyManagerFactory.getKeyManagers();
                        } catch (Throwable th) {
                            StreamUtil.closeStream(null);
                            throw th;
                        }
                    } catch (Exception e) {
                        if (!(e.getCause() instanceof BadPaddingException)) {
                            throw e;
                        }
                        LOG.error("Wrong key store password: " + property3, e);
                        StreamUtil.closeStream(fileInputStream);
                        return null;
                    }
                } catch (FileNotFoundException e2) {
                    LOG.error("Key store file not found: " + property);
                    StreamUtil.closeStream(fileInputStream);
                    return null;
                }
            } catch (KeyStoreException e3) {
                if (!(e3.getCause() instanceof NoSuchAlgorithmException)) {
                    throw e3;
                }
                LOG.error("Wrong key store type: " + property2, e3);
                return null;
            }
        } catch (Exception e4) {
            LOG.error((Throwable) e4);
            return null;
        }
    }

    @NotNull
    public String getCacertsPath() {
        String str = this.myCacertsPath;
        if (str == null) {
            $$$reportNull$$$0(4);
        }
        return str;
    }

    @NotNull
    public String getPassword() {
        String str = this.myPassword;
        if (str == null) {
            $$$reportNull$$$0(5);
        }
        return str;
    }

    @NotNull
    public ConfirmingTrustManager getTrustManager() {
        ConfirmingTrustManager confirmingTrustManager = this.myTrustManager;
        if (confirmingTrustManager == null) {
            $$$reportNull$$$0(6);
        }
        return confirmingTrustManager;
    }

    @NotNull
    public ConfirmingTrustManager.MutableTrustManager getCustomTrustManager() {
        ConfirmingTrustManager.MutableTrustManager customManager = this.myTrustManager.getCustomManager();
        if (customManager == null) {
            $$$reportNull$$$0(7);
        }
        return customManager;
    }

    public static boolean showAcceptDialog(@NotNull Callable<? extends DialogWrapper> callable) {
        if (callable == null) {
            $$$reportNull$$$0(8);
        }
        Application application = ApplicationManager.getApplication();
        CountDownLatch countDownLatch = new CountDownLatch(1);
        AtomicBoolean atomicBoolean = new AtomicBoolean();
        AtomicReference atomicReference = new AtomicReference();
        Runnable runnable = () -> {
            if (callable == null) {
                $$$reportNull$$$0(13);
            }
            try {
                if (countDownLatch.getCount() == 0) {
                    return;
                }
                try {
                    DialogWrapper dialogWrapper = (DialogWrapper) callable.call();
                    atomicReference.set(dialogWrapper);
                    atomicBoolean.set(dialogWrapper.showAndGet());
                    countDownLatch.countDown();
                } catch (Exception e) {
                    LOG.error((Throwable) e);
                    countDownLatch.countDown();
                }
            } catch (Throwable th) {
                countDownLatch.countDown();
                throw th;
            }
        };
        if (application.isDispatchThread()) {
            runnable.run();
        } else {
            application.invokeLater(runnable, ModalityState.any());
        }
        try {
            if (!countDownLatch.await(DIALOG_VISIBILITY_TIMEOUT, TimeUnit.MILLISECONDS)) {
                DialogWrapper dialogWrapper = (DialogWrapper) atomicReference.get();
                if (dialogWrapper == null || !dialogWrapper.isShowing()) {
                    LOG.debug("After 5000 ms dialog was not shown. Rejecting certificate. Current thread: " + Thread.currentThread().getName());
                    countDownLatch.countDown();
                    return false;
                }
                countDownLatch.await();
            }
        } catch (InterruptedException e) {
            Thread.currentThread().interrupt();
            countDownLatch.countDown();
        }
        return atomicBoolean.get();
    }

    public <T, E extends Throwable> T runWithUntrustedCertificateStrategy(@NotNull ThrowableComputable<T, E> throwableComputable, @NotNull UntrustedCertificateStrategy untrustedCertificateStrategy) throws Throwable {
        if (throwableComputable == null) {
            $$$reportNull$$$0(9);
        }
        if (untrustedCertificateStrategy == null) {
            $$$reportNull$$$0(10);
        }
        this.myTrustManager.myUntrustedCertificateStrategy.set(untrustedCertificateStrategy);
        try {
            T compute = throwableComputable.compute();
            this.myTrustManager.myUntrustedCertificateStrategy.remove();
            return compute;
        } catch (Throwable th) {
            this.myTrustManager.myUntrustedCertificateStrategy.remove();
            throw th;
        }
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.intellij.openapi.components.PersistentStateComponent
    @NotNull
    public Config getState() {
        Config config = this.myConfig;
        if (config == null) {
            $$$reportNull$$$0(11);
        }
        return config;
    }

    @Override // com.intellij.openapi.components.PersistentStateComponent
    public void loadState(@NotNull Config config) {
        if (config == null) {
            $$$reportNull$$$0(12);
        }
        XmlSerializerUtil.copyBean(config, this.myConfig);
    }

    private static /* synthetic */ void $$$reportNull$$$0(int i) {
        String str;
        int i2;
        switch (i) {
            case 0:
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
            case 11:
            default:
                str = "@NotNull method %s.%s must not return null";
                break;
            case 8:
            case 9:
            case 10:
            case 12:
            case 13:
                str = "Argument for @NotNull parameter '%s' of %s.%s must not be null";
                break;
        }
        switch (i) {
            case 0:
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
            case 11:
            default:
                i2 = 2;
                break;
            case 8:
            case 9:
            case 10:
            case 12:
            case 13:
                i2 = 3;
                break;
        }
        Object[] objArr = new Object[i2];
        switch (i) {
            case 0:
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
            case 11:
            default:
                objArr[0] = "com/intellij/util/net/ssl/CertificateManager";
                break;
            case 8:
            case 13:
                objArr[0] = "dialogFactory";
                break;
            case 9:
                objArr[0] = "computable";
                break;
            case 10:
                objArr[0] = "strategy";
                break;
            case 12:
                objArr[0] = "state";
                break;
        }
        switch (i) {
            case 0:
            default:
                objArr[1] = "getSslContext";
                break;
            case 1:
                objArr[1] = "getSystemSslContext";
                break;
            case 2:
            case 3:
                objArr[1] = "getDefaultSslContext";
                break;
            case 4:
                objArr[1] = "getCacertsPath";
                break;
            case 5:
                objArr[1] = "getPassword";
                break;
            case 6:
                objArr[1] = "getTrustManager";
                break;
            case 7:
                objArr[1] = "getCustomTrustManager";
                break;
            case 8:
            case 9:
            case 10:
            case 12:
            case 13:
                objArr[1] = "com/intellij/util/net/ssl/CertificateManager";
                break;
            case 11:
                objArr[1] = "getState";
                break;
        }
        switch (i) {
            case 8:
                objArr[2] = "showAcceptDialog";
                break;
            case 9:
            case 10:
                objArr[2] = "runWithUntrustedCertificateStrategy";
                break;
            case 12:
                objArr[2] = "loadState";
                break;
            case 13:
                objArr[2] = "lambda$showAcceptDialog$0";
                break;
        }
        String format = String.format(str, objArr);
        switch (i) {
            case 0:
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
            case 11:
            default:
                throw new IllegalStateException(format);
            case 8:
            case 9:
            case 10:
            case 12:
            case 13:
                throw new IllegalArgumentException(format);
        }
    }
}
