package com.blackducksoftware.common.security.cert;

import com.blackducksoftware.common.base.ExtraStreams;
import com.google.common.base.Preconditions;
import com.google.common.base.Verify;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.stream.Stream;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

/* loaded from: input_file:BOOT-INF/lib/magpie-0.6.0.jar:com/blackducksoftware/common/security/cert/X509Certificates.class */
public class X509Certificates {
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:BOOT-INF/lib/magpie-0.6.0.jar:com/blackducksoftware/common/security/cert/X509Certificates$GeneralName.class */
    private enum GeneralName {
        other(0, false),
        rfc822Name(1, true),
        dNSName(2, true),
        x400Address(3, false),
        directoryName(4, true),
        ediPartyName(5, false),
        uniformResourceIdentifier(6, true),
        iPAddress(7, true),
        registeredID(8, true);

        private final Integer i;
        private final boolean string;

        GeneralName(int i, boolean z) {
            this.i = Integer.valueOf(i);
            this.string = z;
        }

        public Stream<String> toString(List<?> list) {
            Preconditions.checkState(this.string, "cannot call toString(List<?>) on %s", name());
            verifyGeneralName(list);
            return list.get(0).equals(this.i) ? Stream.of((String) list.get(1)) : Stream.empty();
        }

        public Stream<byte[]> toByteArray(List<?> list) {
            Preconditions.checkState(!this.string, "cannot call toByteArray(List<?>) on %s", name());
            verifyGeneralName(list);
            return list.get(0).equals(this.i) ? Stream.of((byte[]) list.get(1)) : Stream.empty();
        }

        private static void verifyGeneralName(List<?> list) {
            Verify.verify(list.size() == 2);
            Verify.verify(list.get(0) instanceof Integer);
            Verify.verify((list.get(1) instanceof String) || (list.get(1) instanceof byte[]));
        }
    }

    public static Optional<String> subjectCommonName(X509Certificate x509Certificate) {
        try {
            for (Rdn rdn : new LdapName(x509Certificate.getSubjectX500Principal().getName("RFC2253")).getRdns()) {
                if (rdn.getType().equalsIgnoreCase("CN")) {
                    return Optional.of(rdn.getValue().toString());
                }
            }
            return Optional.empty();
        } catch (InvalidNameException e) {
            return Optional.empty();
        }
    }

    public static Stream<byte[]> subjectAlternativeOtherNames(X509Certificate x509Certificate) {
        Stream<List<?>> subjectAlternativeNames = subjectAlternativeNames(x509Certificate);
        GeneralName generalName = GeneralName.other;
        Objects.requireNonNull(generalName);
        return subjectAlternativeNames.flatMap(generalName::toByteArray);
    }

    public static Stream<String> subjectAlternativeRfc822Names(X509Certificate x509Certificate) {
        Stream<List<?>> subjectAlternativeNames = subjectAlternativeNames(x509Certificate);
        GeneralName generalName = GeneralName.rfc822Name;
        Objects.requireNonNull(generalName);
        return subjectAlternativeNames.flatMap(generalName::toString);
    }

    public static Stream<String> subjectAlternativeDnsNames(X509Certificate x509Certificate) {
        Stream<List<?>> subjectAlternativeNames = subjectAlternativeNames(x509Certificate);
        GeneralName generalName = GeneralName.dNSName;
        Objects.requireNonNull(generalName);
        return subjectAlternativeNames.flatMap(generalName::toString);
    }

    private static Stream<List<?>> subjectAlternativeNames(X509Certificate x509Certificate) {
        try {
            return ExtraStreams.streamNullable(x509Certificate.getSubjectAlternativeNames());
        } catch (CertificateParsingException e) {
            return Stream.empty();
        }
    }

    private X509Certificates() {
        if (!$assertionsDisabled) {
            throw new AssertionError();
        }
    }

    static {
        $assertionsDisabled = !X509Certificates.class.desiredAssertionStatus();
    }
}
