package io.opentelemetry.testing.internal.armeria.internal.common.util;

import io.opentelemetry.testing.internal.armeria.common.annotation.Nullable;
import io.opentelemetry.testing.internal.armeria.internal.shaded.bouncycastle.asn1.x500.style.BCStyle;
import io.opentelemetry.testing.internal.armeria.internal.shaded.bouncycastle.asn1.x500.style.IETFUtils;
import io.opentelemetry.testing.internal.armeria.internal.shaded.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import io.opentelemetry.testing.internal.armeria.internal.shaded.caffeine.cache.Caffeine;
import io.opentelemetry.testing.internal.armeria.internal.shaded.caffeine.cache.LoadingCache;
import io.opentelemetry.testing.internal.armeria.internal.shaded.guava.collect.ImmutableList;
import io.opentelemetry.testing.internal.io.netty.buffer.ByteBufAllocator;
import io.opentelemetry.testing.internal.io.netty.handler.ssl.ApplicationProtocolNegotiator;
import io.opentelemetry.testing.internal.io.netty.handler.ssl.SslContext;
import java.io.File;
import java.io.InputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Objects;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/opentelemetry/testing/internal/armeria/internal/common/util/CertificateUtil.class */
public final class CertificateUtil {
    private static final Logger logger = LoggerFactory.getLogger(CertificateUtil.class);
    private static final LoadingCache<X509Certificate, String> commonNameCache = Caffeine.newBuilder().weakKeys().build(x509Certificate -> {
        try {
            return IETFUtils.valueToString(new JcaX509CertificateHolder(x509Certificate).getSubject().getRDNs(BCStyle.CN)[0].getFirst().getValue());
        } catch (Exception e) {
            logger.warn("Failed to get the common name from a certificate: {}", x509Certificate, e);
            return null;
        }
    });

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/opentelemetry/testing/internal/armeria/internal/common/util/CertificateUtil$SslContextProtectedAccessHack.class */
    public static final class SslContextProtectedAccessHack extends SslContext {
        private SslContextProtectedAccessHack() {
        }

        static X509Certificate[] toX509CertificateList(File file) throws CertificateException {
            return SslContext.toX509Certificates(file);
        }

        static X509Certificate[] toX509CertificateList(InputStream inputStream) throws CertificateException {
            return SslContext.toX509Certificates(inputStream);
        }

        @Override // io.opentelemetry.testing.internal.io.netty.handler.ssl.SslContext
        public boolean isClient() {
            throw new UnsupportedOperationException();
        }

        @Override // io.opentelemetry.testing.internal.io.netty.handler.ssl.SslContext
        public List<String> cipherSuites() {
            throw new UnsupportedOperationException();
        }

        @Override // io.opentelemetry.testing.internal.io.netty.handler.ssl.SslContext
        public ApplicationProtocolNegotiator applicationProtocolNegotiator() {
            throw new UnsupportedOperationException();
        }

        @Override // io.opentelemetry.testing.internal.io.netty.handler.ssl.SslContext
        public SSLEngine newEngine(ByteBufAllocator byteBufAllocator) {
            throw new UnsupportedOperationException();
        }

        @Override // io.opentelemetry.testing.internal.io.netty.handler.ssl.SslContext
        public SSLEngine newEngine(ByteBufAllocator byteBufAllocator, String str, int i) {
            throw new UnsupportedOperationException();
        }

        @Override // io.opentelemetry.testing.internal.io.netty.handler.ssl.SslContext
        public SSLSessionContext sessionContext() {
            throw new UnsupportedOperationException();
        }
    }

    @Nullable
    public static String getCommonName(SSLSession sSLSession) {
        Certificate[] localCertificates = sSLSession.getLocalCertificates();
        if (localCertificates == null || localCertificates.length == 0) {
            return null;
        }
        return getCommonName(localCertificates[0]);
    }

    @Nullable
    public static String getCommonName(Certificate certificate) {
        if (certificate instanceof X509Certificate) {
            return commonNameCache.get((X509Certificate) certificate);
        }
        return null;
    }

    public static List<X509Certificate> toX509Certificates(File file) throws CertificateException {
        Objects.requireNonNull(file, "file");
        return ImmutableList.copyOf(SslContextProtectedAccessHack.toX509CertificateList(file));
    }

    public static List<X509Certificate> toX509Certificates(InputStream inputStream) throws CertificateException {
        Objects.requireNonNull(inputStream, "in");
        return ImmutableList.copyOf(SslContextProtectedAccessHack.toX509CertificateList(inputStream));
    }

    private CertificateUtil() {
    }
}
