package org.jivesoftware.util.cert;

import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1String;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jivesoftware/util/cert/SANCertificateIdentityMapping.class */
public class SANCertificateIdentityMapping implements CertificateIdentityMapping {
    private static final Logger Log = LoggerFactory.getLogger(SANCertificateIdentityMapping.class);
    public static final String OTHERNAME_XMPP_OID = "1.3.6.1.5.5.7.8.5";
    public static final String OTHERNAME_SRV_OID = "1.3.6.1.5.5.7.8.7";

    @Override // org.jivesoftware.util.cert.CertificateIdentityMapping
    public List<String> mapIdentity(X509Certificate x509Certificate) {
        Collection<List<?>> subjectAlternativeNames;
        String str;
        ArrayList arrayList = new ArrayList();
        try {
            subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
        } catch (CertificateParsingException e) {
            Log.error("Error parsing SubjectAltName in certificate: " + x509Certificate.getSubjectDN(), (Throwable) e);
        }
        if (subjectAlternativeNames == null) {
            return Collections.emptyList();
        }
        for (List<?> list : subjectAlternativeNames) {
            Integer num = (Integer) list.get(0);
            Object obj = list.get(1);
            switch (num.intValue()) {
                case 0:
                    str = parseOtherName((byte[]) obj);
                    break;
                case 2:
                    str = (String) obj;
                    break;
                case 6:
                    str = (String) obj;
                    break;
                default:
                    str = null;
                    break;
            }
            if (str != null) {
                arrayList.add(str);
            }
        }
        return arrayList;
    }

    @Override // org.jivesoftware.util.cert.CertificateIdentityMapping
    public String name() {
        return "Subject Alternative Name Mapping";
    }

    public static String parseOtherName(byte[] bArr) {
        ASN1InputStream aSN1InputStream;
        Throwable th;
        ASN1ObjectIdentifier objectAt;
        ASN1TaggedObject objectAt2;
        int tagNo;
        if (bArr == null || bArr.length == 0) {
            return null;
        }
        try {
            aSN1InputStream = new ASN1InputStream(bArr);
            th = null;
            try {
                ASN1Sequence readObject = aSN1InputStream.readObject();
                objectAt = readObject.getObjectAt(0);
                objectAt2 = readObject.getObjectAt(1);
                tagNo = objectAt2.getTagNo();
            } finally {
            }
        } catch (Exception e) {
            Log.warn("Unable to parse a byte array (of length {}) as a subjectAltName 'otherName'. It is ignored.", Integer.valueOf(bArr.length), e);
            return null;
        }
        if (tagNo != 0) {
            throw new IllegalArgumentException("subjectAltName 'otherName' sequence's second object is expected to be a tagged value of which the tag number is 0. The tag number that was detected: " + tagNo);
        }
        ASN1Primitive object = objectAt2.getObject();
        String id = objectAt.getId();
        boolean z = -1;
        switch (id.hashCode()) {
            case 767061161:
                if (id.equals(OTHERNAME_XMPP_OID)) {
                    z = true;
                    break;
                }
                break;
            case 767061163:
                if (id.equals(OTHERNAME_SRV_OID)) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                String parseOtherNameDnsSrv = parseOtherNameDnsSrv(object);
                if (aSN1InputStream != null) {
                    if (0 != 0) {
                        try {
                            aSN1InputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        aSN1InputStream.close();
                    }
                }
                return parseOtherNameDnsSrv;
            case true:
                String parseOtherNameXmppAddr = parseOtherNameXmppAddr(object);
                if (aSN1InputStream != null) {
                    if (0 != 0) {
                        try {
                            aSN1InputStream.close();
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                        }
                    } else {
                        aSN1InputStream.close();
                    }
                }
                return parseOtherNameXmppAddr;
            default:
                Log.debug("Ignoring subjectAltName 'otherName' type-id '{}' that's neither id-on-xmppAddr nor id-on-dnsSRV.", objectAt.getId());
                if (aSN1InputStream != null) {
                    if (0 != 0) {
                        try {
                            aSN1InputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        aSN1InputStream.close();
                    }
                }
                return null;
        }
        Log.warn("Unable to parse a byte array (of length {}) as a subjectAltName 'otherName'. It is ignored.", Integer.valueOf(bArr.length), e);
        return null;
    }

    public static String parseOtherNameDnsSrv(ASN1Primitive aSN1Primitive) {
        String string = ((ASN1String) aSN1Primitive).getString();
        if (string.toLowerCase().startsWith("_xmpp-server.")) {
            return string.substring("_xmpp-server.".length());
        }
        if (string.toLowerCase().startsWith("_xmpp-client.")) {
            return string.substring("_xmpp-client.".length());
        }
        Log.debug("srvName value '{}' of id-on-dnsSRV record is neither _xmpp-server nor _xmpp-client. It is being ignored.", string);
        return null;
    }

    public static String parseOtherNameXmppAddr(ASN1Primitive aSN1Primitive) {
        return ((ASN1String) aSN1Primitive).getString();
    }
}
