package me.mrnavastar.protoweaver.client.netty;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import lombok.Generated;
import me.mrnavastar.protoweaver.libs.netty.util.concurrent.FastThreadLocal;
import me.mrnavastar.protoweaver.libs.netty.util.internal.EmptyArrays;
import me.mrnavastar.protoweaver.libs.netty.util.internal.StringUtil;

/* loaded from: input_file:me/mrnavastar/protoweaver/client/netty/ProtoTrustManager.class */
public class ProtoTrustManager {
    private final File hostsFile;
    private static final FastThreadLocal<MessageDigest> tlmd = new FastThreadLocal<MessageDigest>() { // from class: me.mrnavastar.protoweaver.client.netty.ProtoTrustManager.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // me.mrnavastar.protoweaver.libs.netty.util.concurrent.FastThreadLocal
        public MessageDigest initialValue() {
            try {
                return MessageDigest.getInstance("SHA256");
            } catch (NoSuchAlgorithmException e) {
                throw new IllegalArgumentException("Unsupported hash algorithm", e);
            }
        }
    };
    private final String hostId;
    private byte[] trusted = null;
    private final TrustManager tm = new X509TrustManager() { // from class: me.mrnavastar.protoweaver.client.netty.ProtoTrustManager.2
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            checkTrusted(x509CertificateArr);
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            checkTrusted(x509CertificateArr);
        }

        private void checkTrusted(X509Certificate[] x509CertificateArr) {
            MessageDigest messageDigest = ProtoTrustManager.tlmd.get();
            messageDigest.reset();
            byte[] digest = messageDigest.digest(x509CertificateArr[0].getEncoded());
            if (ProtoTrustManager.this.trusted != null) {
                if (!Arrays.equals(ProtoTrustManager.this.trusted, digest)) {
                    throw new CertificateException("protoweaver-client-cert-error:" + ProtoTrustManager.this.hostId + ":" + StringUtil.toHexString(ProtoTrustManager.this.trusted) + "!=" + StringUtil.toHexString(digest));
                }
                return;
            }
            ProtoTrustManager.this.hostsFile.getParentFile().mkdirs();
            ProtoTrustManager.this.hostsFile.createNewFile();
            BufferedWriter bufferedWriter = new BufferedWriter(new FileWriter(ProtoTrustManager.this.hostsFile, true));
            try {
                bufferedWriter.append((CharSequence) ProtoTrustManager.this.hostId).append((CharSequence) "=").append((CharSequence) StringUtil.toHexString(digest)).append((CharSequence) "\n");
                ProtoTrustManager.this.trusted = digest;
                if (Collections.singletonList(bufferedWriter).get(0) != null) {
                    bufferedWriter.close();
                }
            } catch (Throwable th) {
                if (Collections.singletonList(bufferedWriter).get(0) != null) {
                    bufferedWriter.close();
                }
                throw th;
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return EmptyArrays.EMPTY_X509_CERTIFICATES;
        }
    };

    public ProtoTrustManager(String str, int i, String str2) {
        this.hostsFile = new File(str2 + File.separator + "protoweaver.hosts");
        this.hostId = str + ":" + i;
        if (this.hostsFile.exists()) {
            try {
                BufferedReader bufferedReader = new BufferedReader(new FileReader(this.hostsFile));
                try {
                    bufferedReader.lines().filter(str3 -> {
                        return str3.startsWith(str + ":" + i);
                    }).findFirst().ifPresent(str4 -> {
                        this.trusted = StringUtil.decodeHexDump(str4.split("=")[1]);
                    });
                    bufferedReader.close();
                } finally {
                }
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }
    }

    @Generated
    public TrustManager getTm() {
        return this.tm;
    }
}
