package net.unit8.bouncr.proxy.cert;

import enkan.component.ComponentLifecycle;
import enkan.component.SystemComponent;
import enkan.exception.MisconfigurationException;
import enkan.exception.UnreachableException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Objects;
import java.util.stream.Stream;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:net/unit8/bouncr/proxy/cert/ReloadableTrustManager.class */
public class ReloadableTrustManager extends SystemComponent implements X509TrustManager {
    private X509TrustManager trustManager;
    private TrustManagerFactory trustManagerFactory;
    private String truststorePath;
    private String truststorePassword;
    private KeyStore trustStore;
    private boolean isInitialized = false;

    private void load() throws CertificateException, NoSuchAlgorithmException, IOException {
        FileInputStream fileInputStream = new FileInputStream(new File(this.truststorePath));
        try {
            this.trustStore.load(fileInputStream, this.truststorePassword.toCharArray());
            fileInputStream.close();
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public void reload() {
        try {
            this.trustStore = KeyStore.getInstance("JKS");
            load();
            this.trustManagerFactory.init(this.trustStore);
            Stream of = Stream.of((Object[]) this.trustManagerFactory.getTrustManagers());
            Class<X509TrustManager> cls = X509TrustManager.class;
            Objects.requireNonNull(X509TrustManager.class);
            Stream filter = of.filter((v1) -> {
                return r2.isInstance(v1);
            });
            Class<X509TrustManager> cls2 = X509TrustManager.class;
            Objects.requireNonNull(X509TrustManager.class);
            this.trustManager = (X509TrustManager) filter.map((v1) -> {
                return r2.cast(v1);
            }).findAny().orElseThrow(() -> {
                return new MisconfigurationException("", new Object[0]);
            });
        } catch (IOException e) {
            e.printStackTrace();
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            throw new UnreachableException(e3);
        } catch (CertificateException e4) {
            e4.printStackTrace();
        }
    }

    public void addEntry(X509Certificate x509Certificate) {
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(this.truststorePath);
            try {
                this.trustStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName(), x509Certificate);
                this.trustStore.store(fileOutputStream, this.truststorePassword.toCharArray());
                fileOutputStream.close();
            } catch (Throwable th) {
                try {
                    fileOutputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (IOException e) {
            e.printStackTrace();
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
        } catch (CertificateException e4) {
            e4.printStackTrace();
        }
    }

    protected ComponentLifecycle lifecycle() {
        return new ComponentLifecycle<ReloadableTrustManager>() { // from class: net.unit8.bouncr.proxy.cert.ReloadableTrustManager.1
            public void start(ReloadableTrustManager reloadableTrustManager) {
                if (ReloadableTrustManager.this.truststorePath == null || ReloadableTrustManager.this.truststorePath.isEmpty()) {
                    return;
                }
                try {
                    ReloadableTrustManager.this.trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    ReloadableTrustManager.this.reload();
                    ReloadableTrustManager.this.isInitialized = true;
                } catch (NoSuchAlgorithmException e) {
                    throw new UnreachableException(e);
                }
            }

            public void stop(ReloadableTrustManager reloadableTrustManager) {
                ReloadableTrustManager.this.isInitialized = false;
            }
        };
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.trustManager.checkClientTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        this.trustManager.checkServerTrusted(x509CertificateArr, str);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return this.trustManager.getAcceptedIssuers();
    }

    public boolean initialized() {
        return this.isInitialized;
    }

    public void setTruststorePath(String str) {
        this.truststorePath = str;
    }

    public void setTruststorePassword(String str) {
        this.truststorePassword = str;
    }
}
