package weblogic.security.utils;

import com.rsa.certj.cert.AttributeValueAssertion;
import com.rsa.certj.cert.NameException;
import com.rsa.certj.cert.X500Name;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.ListIterator;
import java.util.Vector;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.security.cert.CertificateException;
import javax.security.cert.X509Certificate;
import weblogic.security.MessageDigest;
import weblogic.security.WLMessageDigest;

/* loaded from: input_file:weblogic/security/utils/SSLCertUtility.class */
public final class SSLCertUtility {
    public static X509Certificate toJavaX509(Certificate certificate) {
        try {
            return X509Certificate.getInstance(certificate.getEncoded());
        } catch (CertificateEncodingException | javax.security.cert.CertificateEncodingException | CertificateException e) {
            return null;
        }
    }

    public static X509Certificate[] toJavaX509(Certificate[] certificateArr) {
        if (certificateArr == null) {
            return null;
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[certificateArr.length];
        for (int i = 0; i < x509CertificateArr.length; i++) {
            x509CertificateArr[i] = toJavaX509(certificateArr[i]);
            if (x509CertificateArr[i] == null) {
                return null;
            }
        }
        return x509CertificateArr;
    }

    public static java.security.cert.X509Certificate[] toJavaX5092(Certificate[] certificateArr) throws IOException {
        if (certificateArr == null) {
            return null;
        }
        if (certificateArr instanceof java.security.cert.X509Certificate[]) {
            return (java.security.cert.X509Certificate[]) certificateArr;
        }
        try {
            java.security.cert.X509Certificate[] x509CertificateArr = new java.security.cert.X509Certificate[certificateArr.length];
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            for (int i = 0; i < certificateArr.length; i++) {
                x509CertificateArr[i] = (java.security.cert.X509Certificate) (certificateArr[i] instanceof java.security.cert.X509Certificate ? certificateArr[i] : certificateFactory.generateCertificate(new ByteArrayInputStream(certificateArr[i].getEncoded())));
            }
            return x509CertificateArr;
        } catch (java.security.cert.CertificateException e) {
            SSLSetup.info(e, "Exception processing certificates: " + e.getMessage());
            return null;
        }
    }

    public static java.security.cert.X509Certificate toX509(Certificate certificate) throws java.security.cert.CertificateException {
        if (certificate == null) {
            return null;
        }
        return certificate instanceof java.security.cert.X509Certificate ? (java.security.cert.X509Certificate) certificate : (java.security.cert.X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(certificate.getEncoded()));
    }

    public static java.security.cert.X509Certificate toJavaX509(X509Certificate x509Certificate) throws java.security.cert.CertificateException, IOException, javax.security.cert.CertificateEncodingException {
        return (java.security.cert.X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(x509Certificate.getEncoded()));
    }

    public static java.security.cert.X509Certificate[] toJavaX509(X509Certificate[] x509CertificateArr) throws java.security.cert.CertificateException, IOException, javax.security.cert.CertificateEncodingException {
        java.security.cert.X509Certificate[] x509CertificateArr2 = new java.security.cert.X509Certificate[x509CertificateArr.length];
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        for (int i = 0; i < x509CertificateArr2.length; i++) {
            x509CertificateArr2[i] = (java.security.cert.X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(x509CertificateArr[i].getEncoded()));
        }
        return x509CertificateArr2;
    }

    public static java.security.cert.X509Certificate getPeerLeafCert(SSLSocket sSLSocket) {
        return getPeerLeafCert(sSLSocket.getSession());
    }

    public static java.security.cert.X509Certificate getPeerLeafCert(SSLSession sSLSession) {
        try {
            Certificate[] peerCertificates = sSLSession.getPeerCertificates();
            if (peerCertificates == null || peerCertificates.length == 0) {
                return null;
            }
            return toX509(peerCertificates[0]);
        } catch (java.security.cert.CertificateException | SSLPeerUnverifiedException e) {
            return null;
        }
    }

    public static java.security.cert.X509Certificate[] getPeerCertChain(SSLSocket sSLSocket) {
        try {
            return toJavaX5092(sSLSocket.getSession().getPeerCertificates());
        } catch (SSLPeerUnverifiedException | IOException e) {
            return null;
        }
    }

    public static com.rsa.certj.cert.X509Certificate toCertJ(java.security.cert.X509Certificate x509Certificate) throws CertificateEncodingException, com.rsa.certj.cert.CertificateException {
        return new com.rsa.certj.cert.X509Certificate(x509Certificate.getEncoded(), 0, 0);
    }

    public static X500Name getSubjectX500Name(java.security.cert.X509Certificate x509Certificate) throws CertificateEncodingException, com.rsa.certj.cert.CertificateException {
        return toCertJ(x509Certificate).getSubjectName();
    }

    public static String getSubjectDNValue(X500Name x500Name, int i) throws CertificateEncodingException, com.rsa.certj.cert.CertificateException, NameException {
        AttributeValueAssertion attribute = x500Name.getAttribute(i);
        if (attribute == null) {
            return null;
        }
        return attribute.getStringAttribute();
    }

    public static String getSubjectDNValue(java.security.cert.X509Certificate x509Certificate, int i) throws CertificateEncodingException, com.rsa.certj.cert.CertificateException, NameException {
        return getSubjectDNValue(getSubjectX500Name(x509Certificate), i);
    }

    public static String getSubjectDNCommonName(java.security.cert.X509Certificate x509Certificate) throws CertificateEncodingException, com.rsa.certj.cert.CertificateException, NameException {
        return getSubjectDNValue(x509Certificate, 0);
    }

    public static java.security.cert.X509Certificate[] inputCertificateChain(SSLContextWrapper sSLContextWrapper, InputStream inputStream) throws IOException, KeyManagementException {
        InputStreamCloner inputStreamCloner = new InputStreamCloner(inputStream);
        try {
            return sSLContextWrapper.inputCertChain(inputStreamCloner.cloneStream());
        } catch (IOException e) {
            throw new KeyManagementException(e.getMessage());
        } catch (KeyManagementException e2) {
            try {
                return new java.security.cert.X509Certificate[]{(java.security.cert.X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStreamCloner.cloneStream())};
            } catch (IOException | CertificateEncodingException | java.security.cert.CertificateException e3) {
                throw e2;
            }
        }
    }

    public static Collection getX509Certificates(KeyStore keyStore) throws KeyStoreException {
        ArrayList arrayList = new ArrayList();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isCertificateEntry(nextElement)) {
                Certificate certificate = keyStore.getCertificate(nextElement);
                if (certificate instanceof java.security.cert.X509Certificate) {
                    arrayList.add(certificate);
                }
            }
        }
        return arrayList;
    }

    public static byte[] getFingerprint(Certificate certificate) throws CertificateEncodingException {
        MessageDigest wLMessageDigest = WLMessageDigest.getInstance("MD5");
        wLMessageDigest.update(certificate.getEncoded());
        return wLMessageDigest.digest();
    }

    public static String getCommonName(java.security.cert.X509Certificate x509Certificate) {
        String name;
        int indexOf;
        int i;
        String str = null;
        if (x509Certificate != null && (indexOf = (name = x509Certificate.getSubjectX500Principal().getName()).indexOf("CN=")) >= 0) {
            boolean z = false;
            int i2 = indexOf + 3;
            int indexOf2 = name.indexOf(44, i2);
            while (true) {
                i = indexOf2;
                if (i <= 0 || name.charAt(i - 1) != '\\') {
                    break;
                }
                z = true;
                indexOf2 = name.indexOf(",", i + 1);
            }
            if (i < 0) {
                i = name.length();
            }
            str = name.substring(i2, i);
            if (z) {
                int length = str.length();
                StringBuffer stringBuffer = new StringBuffer(length);
                int i3 = 0;
                while (i3 < length) {
                    char charAt = str.charAt(i3);
                    if (charAt == '\\') {
                        i3++;
                        if (i3 == length) {
                            break;
                        }
                        charAt = str.charAt(i3);
                    }
                    stringBuffer.append(charAt);
                    i3++;
                }
                str = stringBuffer.toString();
            }
        }
        return str;
    }

    public static String getCommonName(SSLSession sSLSession) {
        return getCommonName(getPeerLeafCert(sSLSession));
    }

    public static Collection getDNSSubjAltNames(SSLSession sSLSession) {
        Collection<List<?>> collection = null;
        try {
            collection = getPeerLeafCert(sSLSession).getSubjectAlternativeNames();
            if (collection == null) {
                return collection;
            }
            Vector vector = new Vector();
            Iterator<List<?>> it = collection.iterator();
            while (it.hasNext()) {
                ListIterator<?> listIterator = it.next().listIterator();
                while (listIterator.hasNext()) {
                    Object next = listIterator.next();
                    if ((next instanceof Integer) && ((Integer) next).intValue() == 2 && listIterator.hasNext()) {
                        vector.add((String) listIterator.next());
                    }
                }
            }
            return vector;
        } catch (CertificateParsingException e) {
            return collection;
        }
    }
}
