package org.openslx.dozmod.gui;

import java.math.BigInteger;
import java.security.KeyManagementException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.openslx.dozmod.authentication.FingerprintManager;
import org.openslx.dozmod.gui.Gui;
import org.openslx.dozmod.gui.helper.I18n;
import org.openslx.dozmod.gui.helper.MessageType;

/* loaded from: input_file:org/openslx/dozmod/gui/GraphicalCertHandler.class */
public class GraphicalCertHandler {
    private static final Logger LOGGER = LogManager.getLogger((Class<?>) GuiTrustManager.class);
    private final String address;
    private final SSLContext sslContext;

    /* loaded from: input_file:org/openslx/dozmod/gui/GraphicalCertHandler$GuiTrustManager.class */
    private class GuiTrustManager implements X509TrustManager {
        private GuiTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (x509CertificateArr != null) {
                try {
                    if (x509CertificateArr.length != 0) {
                        byte[] encoded = x509CertificateArr[0].getEncoded();
                        try {
                            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
                            messageDigest.update(encoded);
                            byte[] digest = messageDigest.digest();
                            String bigInteger = new BigInteger(digest).toString(16);
                            byte[] knownFingerprint = FingerprintManager.getKnownFingerprint(GraphicalCertHandler.this.address);
                            if (knownFingerprint == null) {
                                knownFingerprint = FingerprintManager.getSuggestedFingerprint(GraphicalCertHandler.this.address);
                            }
                            if (knownFingerprint == null) {
                                FingerprintManager.saveKnownFingerprint(GraphicalCertHandler.this.address, digest);
                                return;
                            }
                            if (Arrays.equals(digest, knownFingerprint)) {
                                return;
                            }
                            byte[] suggestedFingerprint = FingerprintManager.getSuggestedFingerprint(GraphicalCertHandler.this.address);
                            if (suggestedFingerprint != null && Arrays.equals(digest, suggestedFingerprint)) {
                                FingerprintManager.saveKnownFingerprint(GraphicalCertHandler.this.address, digest);
                                return;
                            }
                            final String string = I18n.GUI.getString("GraphicalCertHandler.Message.yesNo.fingerprintChanged", GraphicalCertHandler.this.address, new BigInteger(knownFingerprint).toString(16), bigInteger);
                            if (!((Boolean) Gui.syncExec(new Gui.GuiCallable<Boolean>() { // from class: org.openslx.dozmod.gui.GraphicalCertHandler.GuiTrustManager.2
                                /* JADX WARN: Can't rename method to resolve collision */
                                @Override // org.openslx.dozmod.gui.Gui.GuiCallable
                                public Boolean run() {
                                    return Boolean.valueOf(Gui.showMessageBox(null, string, MessageType.QUESTION_YESNO, null, null));
                                }
                            })).booleanValue()) {
                                throw new CertificateException("Rejected by user");
                            }
                            FingerprintManager.saveKnownFingerprint(GraphicalCertHandler.this.address, digest);
                            return;
                        } catch (NoSuchAlgorithmException e) {
                            GraphicalCertHandler.LOGGER.warn("Could not get SHA-256 hash of certificate", (Throwable) e);
                            throw new CertificateException("Could not get SHA-256 hash of certificate");
                        }
                    }
                } catch (Throwable th) {
                    GraphicalCertHandler.LOGGER.warn("Exception when checking cert of satellite", th);
                    throw th;
                }
            }
            if (!((Boolean) Gui.syncExec(new Gui.GuiCallable<Boolean>() { // from class: org.openslx.dozmod.gui.GraphicalCertHandler.GuiTrustManager.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // org.openslx.dozmod.gui.Gui.GuiCallable
                public Boolean run() {
                    return Boolean.valueOf(Gui.showMessageBox(null, I18n.GUI.getString("GraphicalCertHandler.Message.warning.noCertificate", new Object[0]), MessageType.WARNING, GraphicalCertHandler.LOGGER, null));
                }
            })).booleanValue()) {
                throw new CertificateException("No certificate provided by server");
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }

    private GraphicalCertHandler(String str) {
        SSLContext sSLContext = null;
        try {
            sSLContext = SSLContext.getInstance("TLSv1.2");
        } catch (NoSuchAlgorithmException e) {
            Gui.asyncMessageBox(I18n.GUI.getString("GraphicalCertHandler.Message.error.couldNotGetSSLContext", new Object[0]), MessageType.ERROR, LOGGER, e);
        }
        if (sSLContext != null) {
            try {
                sSLContext.init(null, new TrustManager[]{new GuiTrustManager()}, null);
            } catch (KeyManagementException e2) {
                Gui.asyncMessageBox(I18n.GUI.getString("GraphicalCertHandler.Message.error.couldNotInitializeSSLContext", new Object[0]), MessageType.ERROR, LOGGER, e2);
                sSLContext = null;
            }
        }
        this.sslContext = sSLContext;
        this.address = str;
    }

    public static SSLContext getSslContext(String str) {
        return new GraphicalCertHandler(str).sslContext;
    }
}
