package com.intellij.execution.rmi.ssl;

import com.android.SdkConstants;
import com.intellij.openapi.util.io.FileUtilRt;
import com.intellij.openapi.util.text.StringUtilRt;
import com.intellij.security.CompositeX509TrustManager;
import com.intellij.util.containers.ContainerUtilRt;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.UUID;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509TrustManager;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:patch-file.zip:lib/intellij-core-26.0.0-dev.jar:com/intellij/execution/rmi/ssl/SslSocketFactory.class */
public class SslSocketFactory extends SSLSocketFactory {
    public static final String SSL_CA_CERT_PATH = "sslCaCertPath";
    public static final String SSL_CLIENT_CERT_PATH = "sslClientCertPath";
    public static final String SSL_CLIENT_KEY_PATH = "sslClientKeyPath";
    public static final String SSL_TRUST_EVERYBODY = "sslTrustEverybody";
    private static final String END_CERTIFICATE = "-----END CERTIFICATE-----";
    private SSLSocketFactory myFactory;

    /* loaded from: input_file:patch-file.zip:lib/intellij-core-26.0.0-dev.jar:com/intellij/execution/rmi/ssl/SslSocketFactory$MyKeyManager.class */
    private static class MyKeyManager extends X509ExtendedKeyManager {
        private final String myAlias;

        @NotNull
        private final X509Certificate[] myCertificates;

        @NotNull
        private final PrivateKey myPrivateKey;

        private MyKeyManager(@NotNull String str, @NotNull String str2) throws Exception {
            if (str == null) {
                throw new IllegalArgumentException(String.format("Argument for @NotNull parameter '%s' of %s.%s must not be null", "certPath", "com/intellij/execution/rmi/ssl/SslSocketFactory$MyKeyManager", SdkConstants.CONSTRUCTOR_NAME));
            }
            if (str2 == null) {
                throw new IllegalArgumentException(String.format("Argument for @NotNull parameter '%s' of %s.%s must not be null", "keyPath", "com/intellij/execution/rmi/ssl/SslSocketFactory$MyKeyManager", SdkConstants.CONSTRUCTOR_NAME));
            }
            this.myAlias = UUID.randomUUID().toString();
            this.myCertificates = new X509Certificate[]{SslSocketFactory.readCertificate(str)};
            this.myPrivateKey = SslSocketFactory.readPrivateKey(str2);
        }

        @Override // javax.net.ssl.X509KeyManager
        @NotNull
        public String[] getClientAliases(String str, Principal[] principalArr) {
            String[] strArr = new String[0];
            if (strArr == null) {
                throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory$MyKeyManager", "getClientAliases"));
            }
            return strArr;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return this.myAlias;
        }

        @Override // javax.net.ssl.X509KeyManager
        @NotNull
        public String[] getServerAliases(String str, Principal[] principalArr) {
            String[] strArr = new String[0];
            if (strArr == null) {
                throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory$MyKeyManager", "getServerAliases"));
            }
            return strArr;
        }

        @Override // javax.net.ssl.X509KeyManager
        @Nullable
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        @NotNull
        public X509Certificate[] getCertificateChain(String str) {
            X509Certificate[] x509CertificateArr = this.myCertificates;
            if (x509CertificateArr == null) {
                throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory$MyKeyManager", "getCertificateChain"));
            }
            return x509CertificateArr;
        }

        @Override // javax.net.ssl.X509KeyManager
        @NotNull
        public PrivateKey getPrivateKey(String str) {
            PrivateKey privateKey = this.myPrivateKey;
            if (privateKey == null) {
                throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory$MyKeyManager", "getPrivateKey"));
            }
            return privateKey;
        }
    }

    /* loaded from: input_file:patch-file.zip:lib/intellij-core-26.0.0-dev.jar:com/intellij/execution/rmi/ssl/SslSocketFactory$MyTrustEverybodyManager.class */
    private static class MyTrustEverybodyManager implements X509TrustManager {
        private MyTrustEverybodyManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        @NotNull
        public X509Certificate[] getAcceptedIssuers() {
            X509Certificate[] x509CertificateArr = new X509Certificate[0];
            if (x509CertificateArr == null) {
                throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory$MyTrustEverybodyManager", "getAcceptedIssuers"));
            }
            return x509CertificateArr;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:patch-file.zip:lib/intellij-core-26.0.0-dev.jar:com/intellij/execution/rmi/ssl/SslSocketFactory$MyTrustManager.class */
    public static class MyTrustManager implements X509TrustManager {
        private X509TrustManager trustManager;

        private MyTrustManager(@NotNull X509Certificate x509Certificate) throws Exception {
            if (x509Certificate == null) {
                throw new IllegalArgumentException(String.format("Argument for @NotNull parameter '%s' of %s.%s must not be null", "caCertPath", "com/intellij/execution/rmi/ssl/SslSocketFactory$MyTrustManager", SdkConstants.CONSTRUCTOR_NAME));
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(createStore(x509Certificate));
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            int length = trustManagers.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                TrustManager trustManager = trustManagers[i];
                if (trustManager instanceof X509TrustManager) {
                    this.trustManager = (X509TrustManager) trustManager;
                    break;
                }
                i++;
            }
            if (this.trustManager == null) {
                throw new RuntimeException("No X509TrustManager found");
            }
        }

        @NotNull
        private static KeyStore createStore(@NotNull X509Certificate x509Certificate) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException {
            if (x509Certificate == null) {
                throw new IllegalArgumentException(String.format("Argument for @NotNull parameter '%s' of %s.%s must not be null", "certificate", "com/intellij/execution/rmi/ssl/SslSocketFactory$MyTrustManager", "createStore"));
            }
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
            keyStore.setCertificateEntry(UUID.randomUUID().toString(), x509Certificate);
            if (keyStore == null) {
                throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory$MyTrustManager", "createStore"));
            }
            return keyStore;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            if (this.trustManager == null) {
                throw new RuntimeException("No X509TrustManager found");
            }
            this.trustManager.checkServerTrusted(x509CertificateArr, str);
        }

        @Override // javax.net.ssl.X509TrustManager
        @NotNull
        public X509Certificate[] getAcceptedIssuers() {
            X509Certificate[] x509CertificateArr = new X509Certificate[0];
            if (x509CertificateArr == null) {
                throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory$MyTrustManager", "getAcceptedIssuers"));
            }
            return x509CertificateArr;
        }
    }

    public SslSocketFactory() throws GeneralSecurityException, IOException {
        SSLContext sSLContext = SSLContext.getInstance(org.apache.http.conn.ssl.SSLSocketFactory.TLS);
        try {
            String property = System.getProperty(SSL_CA_CERT_PATH);
            String property2 = System.getProperty(SSL_CLIENT_CERT_PATH);
            String property3 = System.getProperty(SSL_CLIENT_KEY_PATH);
            sSLContext.init((property2 == null || property3 == null) ? new KeyManager[0] : new KeyManager[]{new MyKeyManager(property2, property3)}, StringUtilRt.parseBoolean(System.getProperty(SSL_TRUST_EVERYBODY), false) ? new TrustManager[]{new MyTrustEverybodyManager()} : property == null ? new TrustManager[0] : createTrustManagers(property), null);
            this.myFactory = sSLContext.getSocketFactory();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /* JADX WARN: Type inference failed for: r5v1, types: [javax.net.ssl.TrustManager[], javax.net.ssl.TrustManager[][]] */
    @NotNull
    public static TrustManager[] createTrustManagers(@NotNull String str) throws Exception {
        if (str == null) {
            throw new IllegalArgumentException(String.format("Argument for @NotNull parameter '%s' of %s.%s must not be null", "caCertPath", "com/intellij/execution/rmi/ssl/SslSocketFactory", "createTrustManagers"));
        }
        String[] split = FileUtilRt.loadFile(new File(str)).split(END_CERTIFICATE);
        ArrayList newArrayListWithCapacity = ContainerUtilRt.newArrayListWithCapacity(split.length);
        for (String str2 : split) {
            if (str2 != null && str2.trim().length() != 0) {
                newArrayListWithCapacity.add(new MyTrustManager(readCertificate(stringStream(str2 + END_CERTIFICATE))));
            }
        }
        TrustManager[] trustManagerArr = {new CompositeX509TrustManager(new TrustManager[]{(TrustManager[]) newArrayListWithCapacity.toArray(new TrustManager[newArrayListWithCapacity.size()])})};
        if (trustManagerArr == null) {
            throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory", "createTrustManagers"));
        }
        return trustManagerArr;
    }

    @NotNull
    public static InputStream stringStream(@NotNull String str) {
        if (str == null) {
            throw new IllegalArgumentException(String.format("Argument for @NotNull parameter '%s' of %s.%s must not be null", "str", "com/intellij/execution/rmi/ssl/SslSocketFactory", "stringStream"));
        }
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(str.getBytes("UTF-8"));
            if (byteArrayInputStream == null) {
                throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory", "stringStream"));
            }
            return byteArrayInputStream;
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    @Override // javax.net.SocketFactory
    @NotNull
    public Socket createSocket(InetAddress inetAddress, int i) throws IOException {
        Socket createSocket = this.myFactory.createSocket(inetAddress, i);
        if (createSocket == null) {
            throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory", "createSocket"));
        }
        return createSocket;
    }

    @Override // javax.net.SocketFactory
    @NotNull
    public Socket createSocket(String str, int i) throws IOException {
        Socket createSocket = this.myFactory.createSocket(str, i);
        if (createSocket == null) {
            throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory", "createSocket"));
        }
        return createSocket;
    }

    @Override // javax.net.SocketFactory
    @NotNull
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException {
        Socket createSocket = this.myFactory.createSocket(str, i, inetAddress, i2);
        if (createSocket == null) {
            throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory", "createSocket"));
        }
        return createSocket;
    }

    @Override // javax.net.SocketFactory
    @NotNull
    public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) throws IOException {
        Socket createSocket = this.myFactory.createSocket(inetAddress, i, inetAddress2, i2);
        if (createSocket == null) {
            throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory", "createSocket"));
        }
        return createSocket;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        return this.myFactory.createSocket(socket, str, i, z);
    }

    @Override // javax.net.ssl.SSLSocketFactory
    @NotNull
    public String[] getDefaultCipherSuites() {
        String[] defaultCipherSuites = this.myFactory.getDefaultCipherSuites();
        if (defaultCipherSuites == null) {
            throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory", "getDefaultCipherSuites"));
        }
        return defaultCipherSuites;
    }

    @Override // javax.net.ssl.SSLSocketFactory
    @NotNull
    public String[] getSupportedCipherSuites() {
        String[] supportedCipherSuites = this.myFactory.getSupportedCipherSuites();
        if (supportedCipherSuites == null) {
            throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory", "getSupportedCipherSuites"));
        }
        return supportedCipherSuites;
    }

    @NotNull
    public static X509Certificate readCertificate(@NotNull String str) throws CertificateException, IOException {
        if (str == null) {
            throw new IllegalArgumentException(String.format("Argument for @NotNull parameter '%s' of %s.%s must not be null", "filePath", "com/intellij/execution/rmi/ssl/SslSocketFactory", "readCertificate"));
        }
        X509Certificate readCertificate = readCertificate(new FileInputStream(str));
        if (readCertificate == null) {
            throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory", "readCertificate"));
        }
        return readCertificate;
    }

    @NotNull
    public static X509Certificate readCertificate(@NotNull InputStream inputStream) throws CertificateException, IOException {
        if (inputStream == null) {
            throw new IllegalArgumentException(String.format("Argument for @NotNull parameter '%s' of %s.%s must not be null", "stream", "com/intellij/execution/rmi/ssl/SslSocketFactory", "readCertificate"));
        }
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
        inputStream.close();
        if (x509Certificate == null) {
            throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory", "readCertificate"));
        }
        return x509Certificate;
    }

    @NotNull
    public static PrivateKey readPrivateKey(@NotNull String str) throws IOException {
        if (str == null) {
            throw new IllegalArgumentException(String.format("Argument for @NotNull parameter '%s' of %s.%s must not be null", "filePath", "com/intellij/execution/rmi/ssl/SslSocketFactory", "readPrivateKey"));
        }
        PrivateKey privateKey = new PrivateKeyReader(str).getPrivateKey();
        if (privateKey == null) {
            throw new IllegalStateException(String.format("@NotNull method %s.%s must not return null", "com/intellij/execution/rmi/ssl/SslSocketFactory", "readPrivateKey"));
        }
        return privateKey;
    }
}
