package wjhk.jupload2.upload.helper;

import java.awt.BorderLayout;
import java.awt.Component;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.StringTokenizer;
import java.util.Vector;
import javax.crypto.BadPaddingException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.swing.BorderFactory;
import javax.swing.Icon;
import javax.swing.JButton;
import javax.swing.JEditorPane;
import javax.swing.JLabel;
import javax.swing.JOptionPane;
import javax.swing.JPanel;
import javax.swing.JPasswordField;
import wjhk.jupload2.policies.UploadPolicy;

/* loaded from: input_file:wjhk/jupload2/upload/helper/InteractiveTrustManager.class */
public class InteractiveTrustManager implements X509TrustManager, CallbackHandler {
    public static final int NONE = 0;
    public static final int SERVER = 1;
    public static final int CLIENT = 2;
    public static final int STRICT = 3;
    private UploadPolicy uploadPolicy;
    private int mode;
    private String hostname;
    private static final String TSKEY = "javax.net.ssl.trustStore";
    private String tsname;
    private String tspasswd;
    private TrustManagerFactory tmf;
    private KeyManagerFactory kmf;
    private KeyStore ts;
    private KeyStore ks;
    private static final String TS = ".truststore";
    private static final String USERTS = System.getProperty("user.home") + File.separator + TS;

    private String getPassword(String str) {
        JPasswordField jPasswordField = new JPasswordField(16);
        JLabel jLabel = new JLabel(String.format(this.uploadPolicy.getString("itm_prompt_pass"), str));
        jLabel.setLabelFor(jPasswordField);
        JPanel jPanel = new JPanel(new BorderLayout(10, 0));
        jPanel.setBorder(BorderFactory.createEmptyBorder(5, 10, 5, 10));
        jPanel.add(jLabel, "Before");
        jPanel.add(jPasswordField, "After");
        if (JOptionPane.showConfirmDialog((Component) null, jPanel, String.format(this.uploadPolicy.getString("itm_title_pass"), str), 2, -1) == 0) {
            return new String(jPasswordField.getPassword());
        }
        return null;
    }

    @Override // javax.security.auth.callback.CallbackHandler
    public void handle(Callback[] callbackArr) throws UnsupportedCallbackException {
        for (int i = 0; i < callbackArr.length; i++) {
            if (!(callbackArr[i] instanceof PasswordCallback)) {
                throw new UnsupportedCallbackException(callbackArr[i], "Unrecognized Callback");
            }
            PasswordCallback passwordCallback = (PasswordCallback) callbackArr[i];
            String password = getPassword(passwordCallback.getPrompt());
            passwordCallback.setPassword(password == null ? null : password.toCharArray());
        }
    }

    public InteractiveTrustManager(UploadPolicy uploadPolicy, String str, String str2) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IllegalArgumentException, UnrecoverableKeyException {
        this.mode = 3;
        this.tsname = null;
        this.tspasswd = null;
        this.tmf = null;
        this.kmf = null;
        this.ts = null;
        this.ks = null;
        this.mode = uploadPolicy.getSslVerifyCert();
        this.uploadPolicy = uploadPolicy;
        if ((this.mode & 1) != 0) {
            str2 = null == str2 ? "changeit" : str2;
            this.tsname = System.getProperty(TSKEY);
            if (null == this.tsname) {
                this.tsname = System.getProperty("java.home") + File.separator + "lib" + File.separator + "security" + File.separator + "cacerts";
                if (new File(USERTS).exists()) {
                    this.tsname = USERTS;
                }
            }
            if (null == str || str.length() == 0) {
                throw new IllegalArgumentException("hostname may not be null or empty.");
            }
            this.hostname = str;
            if (null == this.ts) {
                this.ts = KeyStore.getInstance(KeyStore.getDefaultType());
                do {
                    try {
                        FileInputStream fileInputStream = new FileInputStream(this.tsname);
                        this.ts.load(fileInputStream, str2.toCharArray());
                        fileInputStream.close();
                        this.tspasswd = str2;
                    } catch (IOException e) {
                        if (!e.getMessage().equals("Keystore was tampered with, or password was incorrect")) {
                            break;
                        } else {
                            str2 = getPassword(this.uploadPolicy.getString("itm_tstore"));
                        }
                        throw new KeyStoreException("Could not load truststore");
                    }
                } while (null != str2);
                throw new KeyStoreException("Could not load truststore");
            }
            this.tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            this.tmf.init(this.ts);
        }
        if ((this.mode & 2) != 0) {
            String property = System.getProperty("javax.net.ssl.keyStore");
            property = null == property ? System.getProperty("user.home") + File.separator + ".keystore" : property;
            String str3 = "changeit";
            File file = new File(property);
            if (!file.exists() || !file.isFile()) {
                throw new KeyStoreException("Keystore " + property + " does not exist.");
            }
            if (null == this.kmf) {
                this.ks = KeyStore.getInstance(property.toLowerCase().endsWith(".p12") ? "PKCS12" : KeyStore.getDefaultType());
                do {
                    try {
                        FileInputStream fileInputStream2 = new FileInputStream(property);
                        this.ks.load(fileInputStream2, str3.toCharArray());
                        fileInputStream2.close();
                        this.kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                        this.kmf.init(this.ks, str3.toCharArray());
                        return;
                    } catch (IOException e2) {
                        if (!(e2.getCause() instanceof BadPaddingException) && !e2.getMessage().equals("Keystore was tampered with, or password was incorrect")) {
                            break;
                        } else {
                            str3 = getPassword("Keystore");
                        }
                        throw new KeyStoreException("Could not load keystore: " + e2.getMessage());
                    }
                } while (null != str3);
                throw new KeyStoreException("Could not load keystore: " + e2.getMessage());
            }
        }
    }

    public KeyManager[] getKeyManagers() {
        if ((this.mode & 2) == 0) {
            return null;
        }
        return this.kmf.getKeyManagers();
    }

    public X509TrustManager[] getTrustManagers() {
        return new X509TrustManager[]{this};
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
    }

    private String formatDN(String str, String str2, Vector<String> vector) {
        String str3;
        StringBuffer stringBuffer = new StringBuffer();
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            while (true) {
                str3 = nextToken;
                if (!str3.endsWith("\\")) {
                    break;
                }
                nextToken = str3 + stringTokenizer.nextToken();
            }
            String[] split = str3.split("=", 2);
            if (split.length == 2) {
                if (split[0].equals("C")) {
                    stringBuffer.append("<tr><td>").append(this.uploadPolicy.getString("itm_cert_C")).append("</td><td>").append(split[1]).append("</td></tr>\n");
                }
                if (split[0].equals("CN")) {
                    boolean z = true;
                    if (null != str2) {
                        z = str2.equals(split[1]);
                    }
                    stringBuffer.append("<tr><td>").append(this.uploadPolicy.getString("itm_cert_CN")).append("</td><td");
                    stringBuffer.append(z ? ">" : " class=\"err\">").append(split[1]).append("</td></tr>\n");
                    if (!z) {
                        vector.add(String.format(this.uploadPolicy.getString("itm_reason_cnmatch"), str2));
                    }
                }
                if (split[0].equals("L")) {
                    stringBuffer.append("<tr><td>").append(this.uploadPolicy.getString("itm_cert_L")).append("</td><td>").append(split[1]).append("</td></tr>\n");
                }
                if (split[0].equals("ST")) {
                    stringBuffer.append("<tr><td>").append(this.uploadPolicy.getString("itm_cert_ST")).append("</td><td>").append(split[1]).append("</td></tr>\n");
                }
                if (split[0].equals("O")) {
                    stringBuffer.append("<tr><td>").append(this.uploadPolicy.getString("itm_cert_O")).append("</td><td>").append(split[1]).append("</td></tr>\n");
                }
                if (split[0].equals("OU")) {
                    stringBuffer.append("<tr><td>").append(this.uploadPolicy.getString("itm_cert_OU")).append("</td><td>").append(split[1]).append("</td></tr>\n");
                }
            }
        }
        return stringBuffer.toString();
    }

    private void CertDialog(X509Certificate x509Certificate) throws CertificateException {
        boolean z = false;
        boolean z2 = false;
        Vector<String> vector = new Vector<>();
        vector.add(this.uploadPolicy.getString("itm_reason_itrust"));
        try {
            x509Certificate.checkValidity();
        } catch (CertificateExpiredException e) {
            z = true;
            vector.add(this.uploadPolicy.getString("itm_reason_expired"));
        } catch (CertificateNotYetValidException e2) {
            z2 = true;
            vector.add(this.uploadPolicy.getString("itm_reason_notyet"));
        }
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("<html><head>");
        stringBuffer.append("<style type=\"text/css\">\n");
        stringBuffer.append("td, th, p, body { ");
        stringBuffer.append("font-family: Arial, Helvetica, sans-serif; ");
        stringBuffer.append("font-size: 12pt; ");
        stringBuffer.append("color: ").append(String.format("#%06x", Integer.valueOf(new JButton(".").getForeground().getRGB() & 16777215))).append(" }\n");
        stringBuffer.append("th { text-align: left; }\n");
        stringBuffer.append("td { margin-left: 20; }\n");
        stringBuffer.append(".err { color: red; }\n");
        stringBuffer.append("</style>\n");
        stringBuffer.append("</head><body>");
        stringBuffer.append("<h3>").append(this.uploadPolicy.getString("itm_fail_verify")).append("</h3>");
        stringBuffer.append("<h4>").append(this.uploadPolicy.getString("itm_cert_details")).append("</h4>");
        stringBuffer.append("<table>");
        stringBuffer.append("<tr><th colspan=2>").append(this.uploadPolicy.getString("itm_cert_subject")).append("</th></tr>");
        stringBuffer.append(formatDN(x509Certificate.getSubjectX500Principal().getName(), this.hostname, vector));
        stringBuffer.append("<tr><td>").append(this.uploadPolicy.getString("itm_cert_nbefore")).append("</td>");
        stringBuffer.append(z2 ? "<td class=\"err\">" : "<td>").append(x509Certificate.getNotBefore()).append("</td></tr>\n");
        stringBuffer.append("<tr><td>").append(this.uploadPolicy.getString("itm_cert_nafter")).append("</td>");
        stringBuffer.append(z ? "<td class=\"err\">" : "<td>").append(x509Certificate.getNotAfter()).append("</td></tr>\n");
        stringBuffer.append("<tr><td>").append(this.uploadPolicy.getString("itm_cert_serial")).append("</td><td>");
        stringBuffer.append(x509Certificate.getSerialNumber());
        stringBuffer.append("</td></tr>\n");
        stringBuffer.append("<tr><td>").append(String.format(this.uploadPolicy.getString("itm_cert_fprint"), "SHA1")).append("</td><td>");
        StringBuffer stringBuffer2 = new StringBuffer();
        try {
            byte[] digest = MessageDigest.getInstance("SHA1").digest(x509Certificate.getEncoded());
            for (int i = 0; i < digest.length; i++) {
                if (i > 0) {
                    stringBuffer2.append(":");
                }
                stringBuffer2.append(Integer.toHexString((digest[i] >> 4) & 15));
                stringBuffer2.append(Integer.toHexString(digest[i] & 15));
            }
            stringBuffer.append(stringBuffer2).append("</td></tr>\n");
            stringBuffer2.setLength(0);
            stringBuffer.append("<tr><td>").append(String.format(this.uploadPolicy.getString("itm_cert_fprint"), "MD5")).append("</td><td>");
            try {
                byte[] digest2 = MessageDigest.getInstance("MD5").digest(x509Certificate.getEncoded());
                for (int i2 = 0; i2 < digest2.length; i2++) {
                    if (i2 > 0) {
                        stringBuffer2.append(":");
                    }
                    stringBuffer2.append(Integer.toHexString((digest2[i2] >> 4) & 15));
                    stringBuffer2.append(Integer.toHexString(digest2[i2] & 15));
                }
                stringBuffer.append(stringBuffer2).append("</td></tr>\n");
                stringBuffer.append("</table><table>");
                stringBuffer.append("<tr><th colspan=2>").append(this.uploadPolicy.getString("itm_cert_issuer")).append("</th></tr>");
                stringBuffer.append(formatDN(x509Certificate.getIssuerX500Principal().getName(), null, vector));
                stringBuffer.append("</table>");
                stringBuffer.append("<p><b>").append(this.uploadPolicy.getString("itm_reasons")).append("</b><br><ul>");
                Iterator<String> it = vector.iterator();
                while (it.hasNext()) {
                    stringBuffer.append("<li>" + it.next() + "</li>\n");
                }
                stringBuffer.append("</ul></p>");
                stringBuffer.append("<p><b>").append(this.uploadPolicy.getString("itm_accept_prompt")).append("</b></p>");
                stringBuffer.append("</body></html>");
                JPanel jPanel = new JPanel();
                jPanel.setLayout(new BorderLayout());
                JEditorPane jEditorPane = new JEditorPane("text/html", stringBuffer.toString());
                jEditorPane.setEditable(false);
                jEditorPane.setBackground(jPanel.getBackground());
                jPanel.add(jEditorPane, "Center");
                String string = this.uploadPolicy.getString("itm_accept_no");
                int showOptionDialog = JOptionPane.showOptionDialog((Component) null, jPanel, "SSL Certificate Alert", 1, 2, (Icon) null, new String[]{this.uploadPolicy.getString("itm_accept_always"), this.uploadPolicy.getString("itm_accept_now"), string}, string);
                switch (showOptionDialog) {
                    case -1:
                    case 2:
                        throw new CertificateException("Server certificate rejected.");
                    case 0:
                    case 1:
                        try {
                            this.ts.setCertificateEntry(stringBuffer2.toString(), x509Certificate);
                            if (showOptionDialog != 0) {
                                return;
                            }
                            if (null == System.getProperty(TSKEY)) {
                                this.tsname = USERTS;
                            }
                            while (true) {
                                try {
                                    File file = new File(this.tsname);
                                    boolean z3 = false;
                                    if (!file.exists()) {
                                        this.tspasswd = getPassword(this.uploadPolicy.getString("itm_new_tstore"));
                                        if (null == this.tspasswd) {
                                            this.tspasswd = "changeit";
                                        }
                                    } else {
                                        if (!file.renameTo(new File(this.tsname + ".old"))) {
                                            throw new IOException("Could not rename truststore");
                                        }
                                        z3 = true;
                                    }
                                    FileOutputStream fileOutputStream = new FileOutputStream(this.tsname);
                                    this.ts.store(fileOutputStream, this.tspasswd.toCharArray());
                                    fileOutputStream.close();
                                    if (z3 && !file.delete()) {
                                        throw new IOException("Could not delete old truststore");
                                    }
                                    this.tmf.init(this.ts);
                                    System.out.println("Saved cert to " + this.tsname);
                                    return;
                                } catch (Exception e3) {
                                    if (this.tsname.equals(USERTS)) {
                                        throw new CertificateException(e3);
                                    }
                                    this.tsname = USERTS;
                                }
                            }
                        } catch (KeyStoreException e4) {
                            throw new CertificateException("Unable to add certificate: " + e4.getMessage());
                        }
                        break;
                    default:
                        return;
                }
            } catch (NoSuchAlgorithmException e5) {
                throw new CertificateException("Unable to calculate certificate MD5 fingerprint: " + e5.getMessage());
            }
        } catch (NoSuchAlgorithmException e6) {
            throw new CertificateException("Unable to calculate certificate SHA1 fingerprint: " + e6.getMessage());
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        if ((this.mode & 1) != 0) {
            if (null == x509CertificateArr || x509CertificateArr.length == 0) {
                throw new IllegalArgumentException("Certificate chain is null or empty");
            }
            TrustManager[] trustManagers = this.tmf.getTrustManagers();
            for (int i = 0; i < trustManagers.length; i++) {
                if (trustManagers[i] instanceof X509TrustManager) {
                    try {
                        ((X509TrustManager) trustManagers[i]).checkServerTrusted(x509CertificateArr, str);
                        return;
                    } catch (Exception e) {
                    }
                }
            }
            CertDialog(x509CertificateArr[0]);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        System.out.println("getAcceptedIssuers");
        return new X509Certificate[0];
    }
}
