package org.jruby.ext.openssl.x509store;

import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.X509TrustManager;
import org.jruby.Ruby;
import org.jruby.ext.openssl.OpenSSL;
import org.jruby.ext.openssl.x509store.CertificateFile;
import org.jruby.ext.openssl.x509store.CertificateHashDir;

/* loaded from: input_file:BOOT-INF/lib/jruby-stdlib-9.2.20.1.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/x509store/Store.class */
public class Store implements X509TrustManager {
    private static final X509Object[] NULL_OBJECTS = new X509Object[0];
    private static final Lookup[] NULL_LOOKUP = new Lookup[0];
    VerifyFunction verify;
    VerifyCallbackFunction verifyCallback;
    GetIssuerFunction getIssuer;
    CheckIssuedFunction checkIssued;
    CheckRevocationFunction checkRevocation;
    GetCRLFunction getCRL;
    CheckCRLFunction checkCRL;
    CertificateCRLFunction certificateCRL;
    CleanupFunction cleanup;
    LookupCerts lookup_certs;
    private volatile X509Object[] objects = NULL_OBJECTS;
    private volatile Lookup[] certLookups = NULL_LOOKUP;
    final VerifyParameter verifyParameter = new VerifyParameter();
    private final List<Object> extraData = new ArrayList(10);

    /* loaded from: input_file:BOOT-INF/lib/jruby-stdlib-9.2.20.1.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/x509store/Store$CertificateCRLFunction.class */
    interface CertificateCRLFunction extends Function3<StoreContext, X509CRL, X509AuxCertificate> {
    }

    /* loaded from: input_file:BOOT-INF/lib/jruby-stdlib-9.2.20.1.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/x509store/Store$CheckCRLFunction.class */
    interface CheckCRLFunction extends Function2<StoreContext, X509CRL> {
    }

    /* loaded from: input_file:BOOT-INF/lib/jruby-stdlib-9.2.20.1.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/x509store/Store$CheckIssuedFunction.class */
    interface CheckIssuedFunction extends Function3<StoreContext, X509AuxCertificate, X509AuxCertificate> {
    }

    /* loaded from: input_file:BOOT-INF/lib/jruby-stdlib-9.2.20.1.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/x509store/Store$CheckRevocationFunction.class */
    interface CheckRevocationFunction extends Function1<StoreContext> {
    }

    /* loaded from: input_file:BOOT-INF/lib/jruby-stdlib-9.2.20.1.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/x509store/Store$CleanupFunction.class */
    interface CleanupFunction extends Function1<StoreContext> {
    }

    /* loaded from: input_file:BOOT-INF/lib/jruby-stdlib-9.2.20.1.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/x509store/Store$GetCRLFunction.class */
    interface GetCRLFunction extends Function3<StoreContext, X509CRL[], X509AuxCertificate> {
    }

    /* loaded from: input_file:BOOT-INF/lib/jruby-stdlib-9.2.20.1.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/x509store/Store$GetIssuerFunction.class */
    interface GetIssuerFunction extends Function3<StoreContext, X509AuxCertificate[], X509AuxCertificate> {
    }

    /* loaded from: input_file:BOOT-INF/lib/jruby-stdlib-9.2.20.1.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/x509store/Store$LookupCerts.class */
    interface LookupCerts {
        List<X509AuxCertificate> call(StoreContext storeContext, Name name) throws Exception;
    }

    /* loaded from: input_file:BOOT-INF/lib/jruby-stdlib-9.2.20.1.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/x509store/Store$VerifyCallbackFunction.class */
    public interface VerifyCallbackFunction extends Function2<StoreContext, Integer> {
    }

    /* loaded from: input_file:BOOT-INF/lib/jruby-stdlib-9.2.20.1.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/x509store/Store$VerifyFunction.class */
    public interface VerifyFunction extends Function1<StoreContext> {
    }

    public Store() {
        this.extraData.add(null);
        this.extraData.add(null);
        this.extraData.add(null);
        this.extraData.add(null);
        this.extraData.add(null);
        this.extraData.add(null);
        this.extraData.add(null);
        this.extraData.add(null);
        this.extraData.add(null);
    }

    public List<X509Object> getObjects() {
        return Arrays.asList(this.objects);
    }

    public List<Lookup> getCertificateMethods() {
        return Arrays.asList(this.certLookups);
    }

    public void setVerifyFunction(VerifyFunction verifyFunction) {
        this.verify = verifyFunction;
    }

    public void setVerifyCallbackFunction(VerifyCallbackFunction verifyCallbackFunction) {
        this.verifyCallback = verifyCallbackFunction;
    }

    public void free() throws Exception {
        for (Lookup lookup : this.certLookups) {
            lookup.shutdown();
            lookup.free();
        }
        if (this.verifyParameter != null) {
            this.verifyParameter.free();
        }
    }

    public int setExtraData(int i, Object obj) {
        synchronized (this.extraData) {
            this.extraData.set(i, obj);
        }
        return 1;
    }

    public Object getExtraData(int i) {
        Object obj;
        synchronized (this.extraData) {
            obj = this.extraData.get(i);
        }
        return obj;
    }

    public int setDepth(int i) {
        this.verifyParameter.setDepth(i);
        return 1;
    }

    public int setFlags(long j) {
        return this.verifyParameter.setFlags(j);
    }

    public int setPurpose(int i) {
        return this.verifyParameter.setPurpose(i);
    }

    public int setTrust(int i) {
        return this.verifyParameter.setTrust(i);
    }

    public VerifyParameter getParam() {
        return this.verifyParameter;
    }

    public void setParam(VerifyParameter verifyParameter) {
        this.verifyParameter.set(verifyParameter);
    }

    public Lookup addLookup(Ruby ruby, LookupMethod lookupMethod) {
        Lookup findLookupMethod;
        Lookup[] lookupArr = this.certLookups;
        Lookup findLookupMethod2 = findLookupMethod(lookupArr, lookupMethod);
        if (findLookupMethod2 != null) {
            return findLookupMethod2;
        }
        Lookup lookup = new Lookup(ruby, lookupMethod);
        lookup.store = this;
        synchronized (this) {
            int length = this.certLookups.length;
            if (lookupArr.length != length && (findLookupMethod = findLookupMethod(this.certLookups, lookupMethod)) != null) {
                return findLookupMethod;
            }
            Lookup[] lookupArr2 = (Lookup[]) Arrays.copyOf(this.certLookups, length + 1);
            lookupArr2[length] = lookup;
            this.certLookups = lookupArr2;
            return lookup;
        }
    }

    private static Lookup findLookupMethod(Lookup[] lookupArr, LookupMethod lookupMethod) {
        for (Lookup lookup : lookupArr) {
            if (lookup.method.equals(lookupMethod)) {
                return lookup;
            }
        }
        return null;
    }

    public int addCertificate(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            return 0;
        }
        Certificate certificate = new Certificate(StoreContext.ensureAux(x509Certificate));
        synchronized (this) {
            if (matchedObject(this.objects, certificate)) {
                return 1;
            }
            return addObject(certificate);
        }
    }

    public int addCRL(java.security.cert.CRL crl) {
        if (crl == null) {
            return 0;
        }
        CRL crl2 = new CRL(crl);
        synchronized (this) {
            if (matchedObject(this.objects, crl2)) {
                return 1;
            }
            return addObject(crl2);
        }
    }

    private static boolean matchedObject(X509Object[] x509ObjectArr, X509Object x509Object) {
        for (X509Object x509Object2 : x509ObjectArr) {
            if (x509Object2.matches(x509Object)) {
                return true;
            }
        }
        return false;
    }

    private int addObject(X509Object x509Object) {
        int length = this.objects.length;
        X509Object[] x509ObjectArr = (X509Object[]) Arrays.copyOf(this.objects, length + 1);
        x509ObjectArr[length] = x509Object;
        this.objects = x509ObjectArr;
        return 1;
    }

    public int loadLocations(Ruby ruby, String str, String str2) throws Exception {
        Lookup addLookup;
        Lookup addLookup2;
        if (str != null && ((addLookup2 = addLookup(ruby, Lookup.fileLookup())) == null || addLookup2.loadFile(new CertificateFile.Path(str, 1)) != 1)) {
            return 0;
        }
        if (str2 == null || ((addLookup = addLookup(ruby, Lookup.hashDirLookup())) != null && addLookup.addDir(new CertificateHashDir.Dir(str2, 1)) == 1)) {
            return (str2 == null && str == null) ? 0 : 1;
        }
        return 0;
    }

    public int setDefaultPaths(Ruby ruby) throws Exception {
        try {
            addLookup(ruby, Lookup.fileLookup()).loadFile(new CertificateFile.Path(null, 3));
        } catch (FileNotFoundException e) {
        } catch (IOException e2) {
            if (!e2.getClass().getSimpleName().equals("NotFound")) {
                throw e2;
            }
            OpenSSL.debug(ruby, "add X509_CERT_FILER_CTX (to default paths)", e2);
        }
        try {
            addLookup(ruby, Lookup.hashDirLookup()).addDir(new CertificateHashDir.Dir(null, 3));
        } catch (FileNotFoundException e3) {
        } catch (IOException e4) {
            if (!e4.getClass().getSimpleName().equals("NotFound")) {
                throw e4;
            }
            OpenSSL.debug(ruby, "add X509_HASH_DIR_CTX (to default paths)", e4);
        }
        X509Error.clearErrors();
        return 1;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        X509Object[] x509ObjectArr = this.objects;
        ArrayList arrayList = new ArrayList(x509ObjectArr.length);
        for (X509Object x509Object : x509ObjectArr) {
            if (x509Object instanceof Certificate) {
                arrayList.add(((Certificate) x509Object).cert);
            }
        }
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
    }
}
