package net.dongliu.requests;

import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import net.dongliu.commons.exception.Exceptions;

/* loaded from: input_file:net/dongliu/requests/SSLSocketFactories.class */
class SSLSocketFactories {
    private static final SSLSocketFactory sslSocketFactoryLazy = _getTrustAllSSLSocketFactory();
    private static final ConcurrentMap<Collection<CertificateInfo>, SSLSocketFactory> map = new ConcurrentHashMap();

    /* loaded from: input_file:net/dongliu/requests/SSLSocketFactories$CustomCertTrustManager.class */
    static class CustomCertTrustManager implements X509TrustManager {
        private final Collection<CertificateInfo> certs;
        private final X509TrustManager sunJSSEX509TrustManager = load();

        public CustomCertTrustManager(Collection<CertificateInfo> collection) {
            this.certs = collection;
        }

        private X509TrustManager load() {
            try {
                KeyStore keyStore = KeyStore.getInstance("JKS");
                for (CertificateInfo certificateInfo : this.certs) {
                    try {
                        keyStore.load(new FileInputStream(certificateInfo.getPath()), certificateInfo.getPassword() == null ? null : certificateInfo.getPassword().toCharArray());
                    } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
                        throw Exceptions.sneakyThrow(e);
                    }
                }
                try {
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509", "SunJSSE");
                    trustManagerFactory.init(keyStore);
                    for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                        if (trustManager instanceof X509TrustManager) {
                            return (X509TrustManager) trustManager;
                        }
                    }
                    throw new RuntimeException("Couldn't initialize X509TrustManager");
                } catch (KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException e2) {
                    throw Exceptions.uncheck(e2);
                }
            } catch (KeyStoreException e3) {
                throw Exceptions.uncheck(e3);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.sunJSSEX509TrustManager.checkClientTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.sunJSSEX509TrustManager.checkServerTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return this.sunJSSEX509TrustManager.getAcceptedIssuers();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:net/dongliu/requests/SSLSocketFactories$TrustAllTrustManager.class */
    public static class TrustAllTrustManager implements X509TrustManager {
        TrustAllTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    SSLSocketFactories() {
    }

    public static SSLSocketFactory _getTrustAllSSLSocketFactory() {
        TrustAllTrustManager trustAllTrustManager = new TrustAllTrustManager();
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, new TrustManager[]{trustAllTrustManager}, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            throw Exceptions.uncheck(e);
        }
    }

    public static SSLSocketFactory getTrustAllSSLSocketFactory() {
        return sslSocketFactoryLazy;
    }

    private static SSLSocketFactory _getCustomSSLSocketFactory(Collection<CertificateInfo> collection) {
        CustomCertTrustManager customCertTrustManager = new CustomCertTrustManager(collection);
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, new TrustManager[]{customCertTrustManager}, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            throw Exceptions.uncheck(e);
        }
    }

    public static SSLSocketFactory getCustomSSLSocketFactory(Collection<CertificateInfo> collection) {
        return map.computeIfAbsent(collection, SSLSocketFactories::_getCustomSSLSocketFactory);
    }
}
