package ru.turikhay.tlauncher.bootstrap.ssl;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
import ru.turikhay.tlauncher.bootstrap.Bootstrap;
import ru.turikhay.tlauncher.bootstrap.util.U;
import shaded.com.getsentry.raven.event.Event;
import shaded.com.getsentry.raven.event.EventBuilder;
import shaded.com.getsentry.raven.event.interfaces.ExceptionInterface;

/* loaded from: input_file:ru/turikhay/tlauncher/bootstrap/ssl/FixSSL.class */
public class FixSSL {
    public static void addLetsEncryptCertSupportIfNeeded() {
        try {
            addLetsEncryptIntoTrustStore();
        } catch (Exception e) {
            U.log("[FixSSL]", "Couldn't add LetsEncrypt root certificate", e);
            Bootstrap.SENTRY.sendEvent(new EventBuilder().withLevel(Event.Level.ERROR).withMessage("couldn't add LetsEncrypt root certificates").withSentryInterface(new ExceptionInterface(e)));
        }
    }

    private static boolean doesContainLetsEncryptRootCert(Map<String, Certificate> map, Map<String, Certificate> map2) {
        for (Certificate certificate : map2.values()) {
            if (!map.containsValue(certificate)) {
                U.log("[FixSSL]", "JRE trust store doesn't contain", certificate);
                return false;
            }
        }
        return true;
    }

    private static void addLetsEncryptIntoTrustStore() throws Exception {
        Map<String, Certificate> loadJreTrustStore = loadJreTrustStore();
        Map<String, Certificate> loadLetsEncryptStore = loadLetsEncryptStore();
        if (doesContainLetsEncryptRootCert(loadJreTrustStore, loadLetsEncryptStore)) {
            return;
        }
        useNewKeyStoreGlobally(mergeStores(loadJreTrustStore, loadLetsEncryptStore));
    }

    private static Map<String, Certificate> loadJreTrustStore() throws Exception {
        return loadStore(new FileInputStream(new File(System.getProperty("java.home"), "lib/security/cacerts")), "changeit");
    }

    private static Map<String, Certificate> loadLetsEncryptStore() throws Exception {
        return loadStore(FixSSL.class.getResourceAsStream("lekeystore.jks"), "supersecretpassword");
    }

    private static KeyStore mergeStores(Map<String, Certificate> map, Map<String, Certificate> map2) throws Exception {
        KeyStore newKeyStore = newKeyStore();
        newKeyStore.load(null, new char[0]);
        for (Map.Entry<String, Certificate> entry : map.entrySet()) {
            newKeyStore.setCertificateEntry(entry.getKey(), entry.getValue());
        }
        for (Map.Entry<String, Certificate> entry2 : map2.entrySet()) {
            newKeyStore.setCertificateEntry(entry2.getKey(), entry2.getValue());
        }
        return newKeyStore;
    }

    private static void useNewKeyStoreGlobally(KeyStore keyStore) throws Exception {
        U.log("[FixSSL]", "Adding LetsEncrypt into trust store");
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
        HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
    }

    private static Map<String, Certificate> loadStore(InputStream inputStream, String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        loadCAStore(keyStore, inputStream, str);
        return readTrustStore(keyStore);
    }

    private static Map<String, Certificate> readTrustStore(KeyStore keyStore) throws KeyStoreException {
        HashMap hashMap = new HashMap();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            hashMap.put(nextElement, keyStore.getCertificate(nextElement));
        }
        return hashMap;
    }

    private static void loadCAStore(KeyStore keyStore, InputStream inputStream, String str) throws IOException, CertificateException, NoSuchAlgorithmException {
        try {
            keyStore.load(inputStream, str.toCharArray());
            U.close(inputStream);
        } catch (Throwable th) {
            U.close(inputStream);
            throw th;
        }
    }

    private static KeyStore newKeyStore() throws KeyStoreException {
        return KeyStore.getInstance(KeyStore.getDefaultType());
    }

    private FixSSL() {
    }
}
