package otoroshi.ssl;

import akka.util.ByteString$;
import java.io.ByteArrayInputStream;
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
import org.bouncycastle.asn1.x509.KeyPurposeId;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.openssl.PEMParser;
import otoroshi.utils.http.DN;
import play.api.Logger;
import play.api.Logger$;
import play.api.libs.json.JsArray$;
import play.api.libs.json.JsNull$;
import play.api.libs.json.JsReadable;
import play.api.libs.json.JsString;
import play.api.libs.json.JsValue;
import play.api.libs.json.Json$;
import play.api.libs.json.Reads$;
import play.api.libs.json.Writes$;
import scala.Array$;
import scala.Option;
import scala.Option$;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Tuple2;
import scala.collection.JavaConverters$;
import scala.collection.Seq;
import scala.collection.Seq$;
import scala.collection.TraversableLike;
import scala.collection.immutable.Nil$;
import scala.collection.immutable.StringOps;
import scala.collection.mutable.ArrayOps;
import scala.collection.mutable.SetLike;
import scala.reflect.ClassTag$;
import scala.runtime.BoxesRunTime;

/* compiled from: ssl.scala */
/* loaded from: input_file:otoroshi/ssl/CertificateData$.class */
public final class CertificateData$ {
    public static CertificateData$ MODULE$;
    private final Logger logger;
    private final Base64.Encoder encoder;
    private final CertificateFactory certificateFactory;

    static {
        new CertificateData$();
    }

    private Logger logger() {
        return this.logger;
    }

    private Base64.Encoder encoder() {
        return this.encoder;
    }

    private CertificateFactory certificateFactory() {
        return this.certificateFactory;
    }

    private byte[] base64Decode(String str) {
        return Base64.getMimeDecoder().decode(str.getBytes(StandardCharsets.US_ASCII));
    }

    public JsValue apply(String str) {
        String sb = new StringBuilder(2).append(PemHeaders$.MODULE$.BeginCertificate()).append("\n").append(str).append("\n").append(PemHeaders$.MODULE$.EndCertificate()).toString();
        X509Certificate x509Certificate = (X509Certificate) certificateFactory().generateCertificate(new ByteArrayInputStream(base64Decode(str.replace(PemHeaders$.MODULE$.BeginCertificate(), "").replace(PemHeaders$.MODULE$.EndCertificate(), ""))));
        Seq<String> altNames$extension = SSLImplicits$EnhancedX509Certificate$.MODULE$.altNames$extension(SSLImplicits$.MODULE$.EnhancedX509Certificate(x509Certificate));
        Option<String> rawDomain$extension = SSLImplicits$EnhancedX509Certificate$.MODULE$.rawDomain$extension(SSLImplicits$.MODULE$.EnhancedX509Certificate(x509Certificate));
        String domain$extension = SSLImplicits$EnhancedX509Certificate$.MODULE$.domain$extension(SSLImplicits$.MODULE$.EnhancedX509Certificate(x509Certificate));
        PEMParser pEMParser = new PEMParser(new StringReader(sb));
        X509CertificateHolder x509CertificateHolder = (X509CertificateHolder) pEMParser.readObject();
        pEMParser.close();
        boolean contains = new ArrayOps.ofRef(Predef$.MODULE$.refArrayOps((KeyPurposeId[]) Option$.MODULE$.apply(x509CertificateHolder.getExtensions()).flatMap(extensions -> {
            return Option$.MODULE$.apply(ExtendedKeyUsage.fromExtensions(extensions));
        }).map(extendedKeyUsage -> {
            return extendedKeyUsage.getUsages();
        }).getOrElse(() -> {
            return (KeyPurposeId[]) Array$.MODULE$.empty(ClassTag$.MODULE$.apply(KeyPurposeId.class));
        }))).contains(KeyPurposeId.id_kp_clientAuth);
        Json$ json$ = Json$.MODULE$;
        Predef$ predef$ = Predef$.MODULE$;
        Tuple2[] tuple2Arr = new Tuple2[22];
        tuple2Arr[0] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("issuerDN"), Json$.MODULE$.toJsFieldJsValueWrapper(new DN(x509Certificate.getIssuerDN().getName()).stringify(), Writes$.MODULE$.StringWrites()));
        tuple2Arr[1] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("notAfter"), Json$.MODULE$.toJsFieldJsValueWrapper(BoxesRunTime.boxToLong(x509Certificate.getNotAfter().getTime()), Writes$.MODULE$.LongWrites()));
        tuple2Arr[2] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("notBefore"), Json$.MODULE$.toJsFieldJsValueWrapper(BoxesRunTime.boxToLong(x509Certificate.getNotBefore().getTime()), Writes$.MODULE$.LongWrites()));
        tuple2Arr[3] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("serialNumber"), Json$.MODULE$.toJsFieldJsValueWrapper(x509Certificate.getSerialNumber().toString(16), Writes$.MODULE$.StringWrites()));
        tuple2Arr[4] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("serialNumberLng"), Json$.MODULE$.toJsFieldJsValueWrapper(x509Certificate.getSerialNumber(), Writes$.MODULE$.BigIntegerWrites()));
        tuple2Arr[5] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("sigAlgName"), Json$.MODULE$.toJsFieldJsValueWrapper(x509Certificate.getSigAlgName(), Writes$.MODULE$.StringWrites()));
        tuple2Arr[6] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("sigAlgOID"), Json$.MODULE$.toJsFieldJsValueWrapper(x509Certificate.getSigAlgOID(), Writes$.MODULE$.StringWrites()));
        tuple2Arr[7] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("_signature"), Json$.MODULE$.toJsFieldJsValueWrapper(new String(encoder().encode(x509Certificate.getSignature())), Writes$.MODULE$.StringWrites()));
        tuple2Arr[8] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("signature"), Json$.MODULE$.toJsFieldJsValueWrapper(new StringOps(Predef$.MODULE$.augmentString(DigestUtils.sha256Hex(x509Certificate.getSignature()).toUpperCase())).grouped(2).mkString(":"), Writes$.MODULE$.StringWrites()));
        tuple2Arr[9] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("subjectDN"), Json$.MODULE$.toJsFieldJsValueWrapper(new DN(x509Certificate.getSubjectDN().getName()).stringify(), Writes$.MODULE$.StringWrites()));
        tuple2Arr[10] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("domain"), Json$.MODULE$.toJsFieldJsValueWrapper(domain$extension, Writes$.MODULE$.StringWrites()));
        tuple2Arr[11] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("rawDomain"), Json$.MODULE$.toJsFieldJsValueWrapper(((JsReadable) rawDomain$extension.map(str2 -> {
            return new JsString(str2);
        }).getOrElse(() -> {
            return JsNull$.MODULE$;
        })).as(Reads$.MODULE$.JsValueReads()), Writes$.MODULE$.jsValueWrites()));
        tuple2Arr[12] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("version"), Json$.MODULE$.toJsFieldJsValueWrapper(BoxesRunTime.boxToInteger(x509Certificate.getVersion()), Writes$.MODULE$.IntWrites()));
        tuple2Arr[13] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("type"), Json$.MODULE$.toJsFieldJsValueWrapper(x509Certificate.getType(), Writes$.MODULE$.StringWrites()));
        tuple2Arr[14] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("publicKey"), Json$.MODULE$.toJsFieldJsValueWrapper(SSLImplicits$EnhancedPublicKey$.MODULE$.asPem$extension(SSLImplicits$.MODULE$.EnhancedPublicKey(x509Certificate.getPublicKey())), Writes$.MODULE$.StringWrites()));
        tuple2Arr[15] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("selfSigned"), Json$.MODULE$.toJsFieldJsValueWrapper(BoxesRunTime.boxToBoolean(DynamicSSLEngineProvider$.MODULE$.isSelfSigned(x509Certificate)), Writes$.MODULE$.BooleanWrites()));
        tuple2Arr[16] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("constraints"), Json$.MODULE$.toJsFieldJsValueWrapper(BoxesRunTime.boxToInteger(x509Certificate.getBasicConstraints()), Writes$.MODULE$.IntWrites()));
        tuple2Arr[17] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("ca"), Json$.MODULE$.toJsFieldJsValueWrapper(BoxesRunTime.boxToBoolean(x509Certificate.getBasicConstraints() != -1), Writes$.MODULE$.BooleanWrites()));
        tuple2Arr[18] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("client"), Json$.MODULE$.toJsFieldJsValueWrapper(BoxesRunTime.boxToBoolean(contains), Writes$.MODULE$.BooleanWrites()));
        tuple2Arr[19] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("subAltNames"), Json$.MODULE$.toJsFieldJsValueWrapper(JsArray$.MODULE$.apply((Seq) altNames$extension.map(str3 -> {
            return new JsString(str3);
        }, Seq$.MODULE$.canBuildFrom())), Writes$.MODULE$.jsValueWrites()));
        tuple2Arr[20] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("cExtensions"), Json$.MODULE$.toJsFieldJsValueWrapper(JsArray$.MODULE$.apply((Seq) ((TraversableLike) Option$.MODULE$.apply(x509Certificate.getCriticalExtensionOIDs()).map(set -> {
            return ((SetLike) JavaConverters$.MODULE$.asScalaSetConverter(set).asScala()).toSeq();
        }).getOrElse(() -> {
            return Nil$.MODULE$;
        })).map(str4 -> {
            return Json$.MODULE$.obj(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("oid"), Json$.MODULE$.toJsFieldJsValueWrapper(str4, Writes$.MODULE$.StringWrites())), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("value"), Json$.MODULE$.toJsFieldJsValueWrapper((String) Option$.MODULE$.apply(x509Certificate.getExtensionValue(str4)).map(bArr -> {
                return ByteString$.MODULE$.apply(bArr).utf8String();
            }).getOrElse(() -> {
                return "--";
            }), Writes$.MODULE$.StringWrites()))}));
        }, Seq$.MODULE$.canBuildFrom())), Writes$.MODULE$.jsValueWrites()));
        tuple2Arr[21] = Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("ncExtensions"), Json$.MODULE$.toJsFieldJsValueWrapper(JsArray$.MODULE$.apply((Seq) ((TraversableLike) Option$.MODULE$.apply(x509Certificate.getNonCriticalExtensionOIDs()).map(set2 -> {
            return ((SetLike) JavaConverters$.MODULE$.asScalaSetConverter(set2).asScala()).toSeq();
        }).getOrElse(() -> {
            return Nil$.MODULE$;
        })).map(str5 -> {
            return Json$.MODULE$.obj(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("oid"), Json$.MODULE$.toJsFieldJsValueWrapper(str5, Writes$.MODULE$.StringWrites())), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.ArrowAssoc("value"), Json$.MODULE$.toJsFieldJsValueWrapper((String) Option$.MODULE$.apply(x509Certificate.getExtensionValue(str5)).map(bArr -> {
                return ByteString$.MODULE$.apply(bArr).utf8String();
            }).getOrElse(() -> {
                return "--";
            }), Writes$.MODULE$.StringWrites()))}));
        }, Seq$.MODULE$.canBuildFrom())), Writes$.MODULE$.jsValueWrites()));
        return json$.obj(predef$.wrapRefArray(tuple2Arr));
    }

    private CertificateData$() {
        MODULE$ = this;
        this.logger = Logger$.MODULE$.apply("otoroshi-cert-data");
        this.encoder = Base64.getEncoder();
        this.certificateFactory = CertificateFactory.getInstance("X.509");
    }
}
