package ruukas.infinity.util;

import java.io.BufferedInputStream;
import java.io.IOException;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.TrustManagerFactory;
import ruukas.infinity.Infinity;

/* loaded from: input_file:ruukas/infinity/util/CertificateHandler.class */
public class CertificateHandler {
    public static void addLetsEncryptCertificate() {
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(Files.newInputStream(Paths.get(System.getProperty("java.home"), "lib", "security", "cacerts"), new OpenOption[0]), "changeit".toCharArray());
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            BufferedInputStream bufferedInputStream = new BufferedInputStream(CertificateHandler.class.getResourceAsStream("/assets/infinity/cert/lets-encrypt-x3-cross-signed.der"));
            Certificate generateCertificate = certificateFactory.generateCertificate(bufferedInputStream);
            Infinity.logger.info("Added Certificate for " + ((X509Certificate) generateCertificate).getSubjectDN());
            keyStore.setCertificateEntry("lets-encrypt-x3-cross-signed", generateCertificate);
            bufferedInputStream.close();
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            SSLContext.setDefault(sSLContext);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static void testIfNeedsCert() throws IOException {
        try {
            new URL("https://minecraft-heads.com/scripts/api.php").openConnection().connect();
            Infinity.logger.info("Head API connection test was successfully passed.");
        } catch (SSLHandshakeException e) {
            Infinity.logger.warn("Failed connection to Head API. You might be running an outdated java version. Attempting to add Let's Encrypt certificate...");
            addLetsEncryptCertificate();
        }
    }
}
