package tech.mgl.utils.ssl;

import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.net.URI;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import tech.mgl.core.utils.MGL_FileUtils;

/* loaded from: input_file:tech/mgl/utils/ssl/MGL_CertificateDownloader.class */
public class MGL_CertificateDownloader {
    public static String handleCertificate(String str, String str2) throws Exception {
        FileOutputStream fileOutputStream;
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{new X509TrustManager() { // from class: tech.mgl.utils.ssl.MGL_CertificateDownloader.1
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str3) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str3) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        }}, null);
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URI(str).toURL().openConnection();
        httpsURLConnection.setSSLSocketFactory(sSLContext.getSocketFactory());
        httpsURLConnection.connect();
        Certificate[] serverCertificates = httpsURLConnection.getServerCertificates();
        if (serverCertificates.length == 0) {
            throw new IOException("No certificates found from server");
        }
        X509Certificate x509Certificate = (X509Certificate) serverCertificates[0];
        boolean contains = new String(x509Certificate.getEncoded()).contains("-----BEGIN CERTIFICATE-----");
        MGL_FileUtils.getFileCreate(str2);
        if (contains) {
            fileOutputStream = new FileOutputStream(str2);
            try {
                fileOutputStream.write(x509Certificate.getEncoded());
                fileOutputStream.close();
            } finally {
            }
        } else {
            fileOutputStream = new FileOutputStream(str2);
            try {
                fileOutputStream.write("-----BEGIN CERTIFICATE-----\n".getBytes());
                fileOutputStream.write(Base64.getEncoder().encode(x509Certificate.getEncoded()));
                fileOutputStream.write("\n-----END CERTIFICATE-----\n".getBytes());
                fileOutputStream.close();
            } finally {
            }
        }
        return str2;
    }

    public static void downloadCertificate(String str, String str2) throws Exception {
        disableSSLVerification();
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URI(str).toURL().openConnection();
        httpsURLConnection.connect();
        Certificate[] serverCertificates = httpsURLConnection.getServerCertificates();
        if (serverCertificates.length > 0) {
            Certificate certificate = serverCertificates[0];
            if (certificate instanceof X509Certificate) {
                X509Certificate x509Certificate = (X509Certificate) certificate;
                FileWriter fileWriter = new FileWriter(str2);
                try {
                    fileWriter.write("-----BEGIN CERTIFICATE-----\n");
                    fileWriter.write(Base64.getEncoder().encodeToString(x509Certificate.getEncoded()));
                    fileWriter.write("\n-----END CERTIFICATE-----");
                    fileWriter.close();
                    return;
                } catch (Throwable th) {
                    try {
                        fileWriter.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            }
        }
        throw new IllegalStateException("No certificates found!");
    }

    public static void fetchAndSaveCertificate(String str, int i, String str2) throws Exception {
        disableSSLVerification();
        SSLSocket sSLSocket = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(str, i);
        try {
            sSLSocket.startHandshake();
            Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
            if (peerCertificates.length > 0) {
                Certificate certificate = peerCertificates[0];
                if (certificate instanceof X509Certificate) {
                    X509Certificate x509Certificate = (X509Certificate) certificate;
                    FileWriter fileWriter = new FileWriter(str2);
                    try {
                        fileWriter.write("-----BEGIN CERTIFICATE-----\n");
                        fileWriter.write(Base64.getEncoder().encodeToString(x509Certificate.getEncoded()));
                        fileWriter.write("\n-----END CERTIFICATE-----");
                        fileWriter.close();
                        if (sSLSocket != null) {
                            sSLSocket.close();
                            return;
                        }
                        return;
                    } finally {
                    }
                }
            }
            throw new IllegalStateException("No valid certificate received from server.");
        } catch (Throwable th) {
            if (sSLSocket != null) {
                try {
                    sSLSocket.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private static void disableSSLVerification() {
        try {
            TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: tech.mgl.utils.ssl.MGL_CertificateDownloader.2
                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                }
            }};
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
            HttpsURLConnection.setDefaultHostnameVerifier((str, sSLSession) -> {
                return true;
            });
        } catch (Exception e) {
            throw new RuntimeException("Failed to disable SSL verification", e);
        }
    }

    public static void main(String[] strArr) throws Exception {
        downloadCertificate("https://10.0.0.188:9200", "./test/test.crt");
    }
}
