package net.kano.joustsim.trust;

import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Logger;
import net.kano.joscar.CopyOnWriteArrayList;
import net.kano.joscar.DefensiveTools;

/* loaded from: input_file:net/kano/joustsim/trust/TrustedCertificatesTracker.class */
public class TrustedCertificatesTracker {
    private static final Logger logger;
    private final CertificateTrustManager certTrustMgr;
    private final SignerTrustManager signerTrustMgr;
    private Map<CertificateHolder, TrustedCertificateInfoImpl> trackedCerts = new HashMap();
    private Map<X509Certificate, SignerInfoImpl> signers = new HashMap();
    private CopyOnWriteArrayList<TrustedCertificatesListener> listeners = new CopyOnWriteArrayList<>();
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/kano/joustsim/trust/TrustedCertificatesTracker$SignerInfoImpl.class */
    public static final class SignerInfoImpl extends DefaultCertificateHolder implements SignerInfo {
        private final Set<TrustedCertificateInfo> signees;
        static final /* synthetic */ boolean $assertionsDisabled;

        private SignerInfoImpl(X509Certificate x509Certificate) {
            super(x509Certificate);
            this.signees = new HashSet(10);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public synchronized void addSignee(TrustedCertificateInfoImpl trustedCertificateInfoImpl) {
            DefensiveTools.checkNull(trustedCertificateInfoImpl, "signee");
            if (!$assertionsDisabled && !TrustTools.isSigned(getCertificate(), trustedCertificateInfoImpl.getCertificate())) {
                throw new AssertionError();
            }
            this.signees.add(trustedCertificateInfoImpl);
        }

        @Override // net.kano.joustsim.trust.SignerInfo
        public synchronized List<TrustedCertificateInfo> getSignedCerts() {
            return DefensiveTools.getUnmodifiableCopy(this.signees);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public synchronized void removeSignee(TrustedCertificateInfo trustedCertificateInfo) {
            DefensiveTools.checkNull(trustedCertificateInfo, "signee");
            this.signees.remove(trustedCertificateInfo);
        }

        static {
            $assertionsDisabled = !TrustedCertificatesTracker.class.desiredAssertionStatus();
        }
    }

    /* loaded from: input_file:net/kano/joustsim/trust/TrustedCertificatesTracker$TrustedCertificateInfoImpl.class */
    public static final class TrustedCertificateInfoImpl extends DefaultCertificateHolder implements TrustedCertificateInfo {
        private boolean explicitlyTrusted;
        private final Set<SignerInfo> signers;

        private TrustedCertificateInfoImpl(X509Certificate x509Certificate) {
            super(x509Certificate);
            this.explicitlyTrusted = false;
            this.signers = new HashSet(5);
        }

        @Override // net.kano.joustsim.trust.TrustedCertificateInfo
        public synchronized boolean isSomehowTrusted() {
            return this.explicitlyTrusted || !this.signers.isEmpty();
        }

        @Override // net.kano.joustsim.trust.TrustedCertificateInfo
        public synchronized boolean isExplicitlyTrusted() {
            return this.explicitlyTrusted;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public synchronized void setExplicitlyTrusted(boolean z) {
            this.explicitlyTrusted = z;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public synchronized boolean addSigner(SignerInfo signerInfo) {
            DefensiveTools.checkNull(signerInfo, "signer");
            return this.signers.add(signerInfo);
        }

        @Override // net.kano.joustsim.trust.TrustedCertificateInfo
        public synchronized List<SignerInfo> getSigners() {
            return DefensiveTools.getUnmodifiableCopy(this.signers);
        }

        @Override // net.kano.joustsim.trust.TrustedCertificateInfo
        public synchronized boolean isSignedBy(SignerInfo signerInfo) {
            DefensiveTools.checkNull(signerInfo, "signer");
            return this.signers.contains(signerInfo);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public synchronized boolean removeSigner(SignerInfo signerInfo) {
            DefensiveTools.checkNull(signerInfo, "signer");
            return this.signers.remove(signerInfo);
        }
    }

    public TrustedCertificatesTracker(CertificateTrustManager certificateTrustManager, SignerTrustManager signerTrustManager) {
        this.certTrustMgr = certificateTrustManager;
        this.signerTrustMgr = signerTrustManager;
        if (certificateTrustManager != null) {
            certificateTrustManager.addTrustListener(new CertificateTrustListener() { // from class: net.kano.joustsim.trust.TrustedCertificatesTracker.1
                @Override // net.kano.joustsim.trust.CertificateTrustListener
                public void trustAdded(CertificateTrustManager certificateTrustManager2, X509Certificate x509Certificate) {
                    System.out.println("TrustedCertificatesTracker: now trusted: " + x509Certificate.getSubjectDN());
                    TrustedCertificatesTracker.this.certTrustAdded(x509Certificate);
                }

                @Override // net.kano.joustsim.trust.CertificateTrustListener
                public void trustRemoved(CertificateTrustManager certificateTrustManager2, X509Certificate x509Certificate) {
                    TrustedCertificatesTracker.this.certTrustRemoved(x509Certificate);
                }
            });
        } else {
            logger.fine("Warning: Trusted certificates tracker will not track explicitly trusted certificates since the certificate trust manager is null");
        }
        if (signerTrustManager != null) {
            signerTrustManager.addTrustListener(new CertificateTrustListener() { // from class: net.kano.joustsim.trust.TrustedCertificatesTracker.2
                @Override // net.kano.joustsim.trust.CertificateTrustListener
                public void trustAdded(CertificateTrustManager certificateTrustManager2, X509Certificate x509Certificate) {
                    TrustedCertificatesTracker.this.signerTrustAdded(x509Certificate);
                }

                @Override // net.kano.joustsim.trust.CertificateTrustListener
                public void trustRemoved(CertificateTrustManager certificateTrustManager2, X509Certificate x509Certificate) {
                    TrustedCertificatesTracker.this.signerTrustRemoved(x509Certificate);
                }
            });
        } else {
            logger.fine("Warning: Trusted certificates tracker will not track signer-trusted certificates since the signer trust manager is null");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void signerTrustAdded(X509Certificate x509Certificate) {
        ArrayList arrayList = new ArrayList();
        synchronized (this) {
            for (TrustedCertificateInfoImpl trustedCertificateInfoImpl : this.trackedCerts.values()) {
                boolean isSomehowTrusted = trustedCertificateInfoImpl.isSomehowTrusted();
                if (TrustTools.isSigned(x509Certificate, trustedCertificateInfoImpl.getCertificate())) {
                    registerSignerSignee(trustedCertificateInfoImpl, x509Certificate);
                    if (!isSomehowTrusted && trustedCertificateInfoImpl.isSomehowTrusted()) {
                        arrayList.add(trustedCertificateInfoImpl);
                    }
                }
            }
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            fireNowTrustedEvent((TrustedCertificateInfoImpl) it.next());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void signerTrustRemoved(X509Certificate x509Certificate) {
        ArrayList arrayList = new ArrayList();
        synchronized (this) {
            SignerInfoImpl signerInfoImpl = this.signers.get(x509Certificate);
            if (signerInfoImpl == null) {
                return;
            }
            Iterator<TrustedCertificateInfo> it = signerInfoImpl.getSignedCerts().iterator();
            while (it.hasNext()) {
                TrustedCertificateInfoImpl trustedCertificateInfoImpl = (TrustedCertificateInfoImpl) it.next();
                boolean isSomehowTrusted = trustedCertificateInfoImpl.isSomehowTrusted();
                trustedCertificateInfoImpl.removeSigner(signerInfoImpl);
                if (isSomehowTrusted && !trustedCertificateInfoImpl.isSomehowTrusted()) {
                    arrayList.add(trustedCertificateInfoImpl);
                }
            }
            this.signers.remove(x509Certificate);
            Iterator it2 = arrayList.iterator();
            while (it2.hasNext()) {
                fireNoLongerTrustedEvent((TrustedCertificateInfoImpl) it2.next());
            }
        }
    }

    private void fireNowTrustedEvent(TrustedCertificateInfo trustedCertificateInfo) {
        if (!$assertionsDisabled && Thread.holdsLock(this)) {
            throw new AssertionError();
        }
        Iterator it = this.listeners.iterator();
        while (it.hasNext()) {
            ((TrustedCertificatesListener) it.next()).certificateTrusted(this, trustedCertificateInfo);
        }
    }

    private void fireNoLongerTrustedEvent(TrustedCertificateInfo trustedCertificateInfo) {
        if (!$assertionsDisabled && Thread.holdsLock(this)) {
            throw new AssertionError();
        }
        Iterator it = this.listeners.iterator();
        while (it.hasNext()) {
            ((TrustedCertificatesListener) it.next()).certificateNoLongerTrusted(this, trustedCertificateInfo);
        }
    }

    private synchronized void registerSignerSignee(TrustedCertificateInfoImpl trustedCertificateInfoImpl, X509Certificate x509Certificate) {
        trustedCertificateInfoImpl.addSigner(registerSigner(x509Certificate, trustedCertificateInfoImpl));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void certTrustAdded(X509Certificate x509Certificate) {
        synchronized (this) {
            TrustedCertificateInfoImpl trustedCertificateInfoImpl = this.trackedCerts.get(new DefaultCertificateHolder(x509Certificate));
            if (trustedCertificateInfoImpl == null) {
                return;
            }
            boolean isSomehowTrusted = trustedCertificateInfoImpl.isSomehowTrusted();
            trustedCertificateInfoImpl.setExplicitlyTrusted(true);
            boolean z = !isSomehowTrusted && trustedCertificateInfoImpl.isSomehowTrusted();
            if (z) {
                System.out.println("TrustedCertificatesTracker: cert is now trusted, firing events: " + x509Certificate.getSubjectDN());
                fireNowTrustedEvent(trustedCertificateInfoImpl);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void certTrustRemoved(X509Certificate x509Certificate) {
        synchronized (this) {
            TrustedCertificateInfoImpl trustedCertificateInfoImpl = this.trackedCerts.get(new DefaultCertificateHolder(x509Certificate));
            if (trustedCertificateInfoImpl == null) {
                return;
            }
            boolean isSomehowTrusted = trustedCertificateInfoImpl.isSomehowTrusted();
            trustedCertificateInfoImpl.setExplicitlyTrusted(false);
            boolean z = isSomehowTrusted && !trustedCertificateInfoImpl.isSomehowTrusted();
            if (z) {
                fireNoLongerTrustedEvent(trustedCertificateInfoImpl);
            }
        }
    }

    public void addTrustedCertsListener(TrustedCertificatesListener trustedCertificatesListener) {
        this.listeners.addIfAbsent(trustedCertificatesListener);
    }

    public void removeTrustedCertsListener(TrustedCertificatesListener trustedCertificatesListener) {
        this.listeners.remove(trustedCertificatesListener);
    }

    public boolean addTrackedCertificate(X509Certificate x509Certificate) {
        DefensiveTools.checkNull(x509Certificate, "cert");
        synchronized (this) {
            DefaultCertificateHolder defaultCertificateHolder = new DefaultCertificateHolder(x509Certificate);
            if (this.trackedCerts.containsKey(defaultCertificateHolder)) {
                return false;
            }
            TrustedCertificateInfoImpl trustedCertificateInfoImpl = new TrustedCertificateInfoImpl(x509Certificate);
            CertificateTrustManager certificateTrustManager = this.certTrustMgr;
            trustedCertificateInfoImpl.setExplicitlyTrusted(certificateTrustManager != null ? certificateTrustManager.isTrusted(x509Certificate) : false);
            SignerTrustManager signerTrustManager = this.signerTrustMgr;
            if (signerTrustManager != null) {
                for (X509Certificate x509Certificate2 : signerTrustManager.getTrustedSigners(x509Certificate)) {
                    if (x509Certificate2 != null) {
                        registerSignerSignee(trustedCertificateInfoImpl, x509Certificate2);
                    }
                }
            }
            this.trackedCerts.put(defaultCertificateHolder, trustedCertificateInfoImpl);
            boolean isSomehowTrusted = trustedCertificateInfoImpl.isSomehowTrusted();
            if (!isSomehowTrusted) {
                return true;
            }
            System.out.println("TrustedCertificatesTracker: cert " + x509Certificate.getSubjectDN() + " is now trusted");
            fireNowTrustedEvent(trustedCertificateInfoImpl);
            return true;
        }
    }

    private synchronized SignerInfo registerSigner(X509Certificate x509Certificate, TrustedCertificateInfoImpl trustedCertificateInfoImpl) {
        DefensiveTools.checkNull(x509Certificate, "signer");
        DefensiveTools.checkNull(trustedCertificateInfoImpl, "signee");
        SignerInfoImpl signerInfoInstance = getSignerInfoInstance(x509Certificate);
        signerInfoInstance.addSignee(trustedCertificateInfoImpl);
        return signerInfoInstance;
    }

    private SignerInfoImpl getSignerInfoInstance(X509Certificate x509Certificate) {
        if (!$assertionsDisabled && !Thread.holdsLock(this)) {
            throw new AssertionError();
        }
        SignerInfoImpl signerInfoImpl = this.signers.get(x509Certificate);
        if (signerInfoImpl == null) {
            signerInfoImpl = new SignerInfoImpl(x509Certificate);
            this.signers.put(x509Certificate, signerInfoImpl);
        }
        return signerInfoImpl;
    }

    public boolean removeTrackedCertificate(X509Certificate x509Certificate) {
        DefensiveTools.checkNull(x509Certificate, "cert");
        synchronized (this) {
            TrustedCertificateInfoImpl remove = this.trackedCerts.remove(new DefaultCertificateHolder(x509Certificate));
            if (remove == null) {
                return false;
            }
            boolean isSomehowTrusted = remove.isSomehowTrusted();
            Iterator<SignerInfo> it = remove.getSigners().iterator();
            while (it.hasNext()) {
                ((SignerInfoImpl) it.next()).removeSignee(remove);
            }
            if (!isSomehowTrusted) {
                return true;
            }
            fireNoLongerTrustedEvent(remove);
            return true;
        }
    }

    public synchronized boolean isTrusted(X509Certificate x509Certificate) {
        TrustedCertificateInfoImpl trustedCertificateInfoImpl = this.trackedCerts.get(new DefaultCertificateHolder(x509Certificate));
        if (trustedCertificateInfoImpl == null) {
            return false;
        }
        return trustedCertificateInfoImpl.isSomehowTrusted();
    }

    static {
        $assertionsDisabled = !TrustedCertificatesTracker.class.desiredAssertionStatus();
        logger = Logger.getLogger(TrustedCertificatesTracker.class.getName());
    }
}
