package org.wildfly.extension.elytron;

import com.fasterxml.jackson.databind.util.StdDateFormat;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import org.jboss.as.controller.ObjectListAttributeDefinition;
import org.jboss.as.controller.ObjectTypeAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinition;
import org.jboss.as.controller.SimpleAttributeDefinitionBuilder;
import org.jboss.dmr.ModelNode;
import org.jboss.dmr.ModelType;
import org.wildfly.security.util.ByteIterator;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:m2repo/org/wildfly/core/wildfly-elytron-integration/3.0.8.Final/wildfly-elytron-integration-3.0.8.Final.jar:org/wildfly/extension/elytron/CertificateChainAttributeDefinitions.class */
public class CertificateChainAttributeDefinitions {
    private static final String SHA_1 = "SHA-1";
    private static final String SHA_256 = "SHA-256";
    private static final SimpleAttributeDefinition TYPE = new SimpleAttributeDefinitionBuilder("type", ModelType.STRING).build();
    private static final SimpleAttributeDefinition ALGORITHM = new SimpleAttributeDefinitionBuilder("algorithm", ModelType.STRING).build();
    private static final SimpleAttributeDefinition FORMAT = new SimpleAttributeDefinitionBuilder("format", ModelType.STRING).build();
    private static final SimpleAttributeDefinition PUBLIC_KEY = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.PUBLIC_KEY, ModelType.STRING).build();
    private static final SimpleAttributeDefinition SHA_1_DIGEST = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SHA_1_DIGEST, ModelType.STRING).build();
    private static final SimpleAttributeDefinition SHA_256_DIGEST = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SHA_256_DIGEST, ModelType.STRING).build();
    private static final SimpleAttributeDefinition ENCODED = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.ENCODED, ModelType.STRING).build();
    private static final SimpleAttributeDefinition SUBJECT = new SimpleAttributeDefinitionBuilder("subject", ModelType.STRING).setRequired(false).build();
    private static final SimpleAttributeDefinition ISSUER = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.ISSUER, ModelType.STRING).setRequired(false).build();
    private static final SimpleAttributeDefinition NOT_BEFORE = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.NOT_BEFORE, ModelType.STRING).setRequired(false).build();
    private static final SimpleAttributeDefinition NOT_AFTER = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.NOT_AFTER, ModelType.STRING).setRequired(false).build();
    private static final SimpleAttributeDefinition SERIAL_NUMBER = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SERIAL_NUMBER, ModelType.STRING).setRequired(false).build();
    private static final SimpleAttributeDefinition SIGNATURE_ALGORITHM = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SIGNATURE_ALGORITHM, ModelType.STRING).setRequired(false).build();
    private static final SimpleAttributeDefinition SIGNATURE = new SimpleAttributeDefinitionBuilder(ElytronDescriptionConstants.SIGNATURE, ModelType.STRING).setRequired(false).build();
    private static final SimpleAttributeDefinition VERSION = new SimpleAttributeDefinitionBuilder("version", ModelType.STRING).setRequired(false).build();
    static final ObjectTypeAttributeDefinition CERTIFICATE = new ObjectTypeAttributeDefinition.Builder(ElytronDescriptionConstants.CERTIFICATE, TYPE, ALGORITHM, FORMAT, PUBLIC_KEY, SHA_1_DIGEST, SHA_256_DIGEST, ENCODED, SUBJECT, ISSUER, NOT_BEFORE, NOT_AFTER, SERIAL_NUMBER, SIGNATURE_ALGORITHM, SIGNATURE, VERSION).setStorageRuntime().build();

    CertificateChainAttributeDefinitions() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    public static ObjectListAttributeDefinition getNamedCertificateList(String str) {
        return ((ObjectListAttributeDefinition.Builder) ((ObjectListAttributeDefinition.Builder) new ObjectListAttributeDefinition.Builder(str, CERTIFICATE).setRequired(false)).setStorageRuntime()).build();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void writeCertificate(ModelNode modelNode, Certificate certificate) throws CertificateEncodingException, NoSuchAlgorithmException {
        modelNode.get("type").set(certificate.getType());
        PublicKey publicKey = certificate.getPublicKey();
        modelNode.get("algorithm").set(publicKey.getAlgorithm());
        modelNode.get("format").set(publicKey.getFormat());
        modelNode.get(ElytronDescriptionConstants.PUBLIC_KEY).set(encodedHexString(publicKey.getEncoded()));
        byte[] encoded = certificate.getEncoded();
        modelNode.get(ElytronDescriptionConstants.SHA_1_DIGEST).set(encodedHexString(digest("SHA-1", encoded)));
        modelNode.get(ElytronDescriptionConstants.SHA_256_DIGEST).set(encodedHexString(digest("SHA-256", encoded)));
        modelNode.get(ElytronDescriptionConstants.ENCODED).set(encodedHexString(encoded));
        if (certificate instanceof X509Certificate) {
            writeX509Certificate(modelNode, (X509Certificate) certificate);
        }
    }

    private static void writeX509Certificate(ModelNode modelNode, X509Certificate x509Certificate) throws CertificateEncodingException, NoSuchAlgorithmException {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat(StdDateFormat.DATE_FORMAT_STR_ISO8601);
        modelNode.get("subject").set(x509Certificate.getSubjectX500Principal().getName());
        modelNode.get(ElytronDescriptionConstants.ISSUER).set(x509Certificate.getIssuerX500Principal().getName());
        modelNode.get(ElytronDescriptionConstants.NOT_BEFORE).set(simpleDateFormat.format(x509Certificate.getNotBefore()));
        modelNode.get(ElytronDescriptionConstants.NOT_AFTER).set(simpleDateFormat.format(x509Certificate.getNotAfter()));
        modelNode.get(ElytronDescriptionConstants.SERIAL_NUMBER).set(delimit(x509Certificate.getSerialNumber().toString(16).toCharArray()));
        modelNode.get(ElytronDescriptionConstants.SIGNATURE_ALGORITHM).set(x509Certificate.getSigAlgName());
        modelNode.get(ElytronDescriptionConstants.SIGNATURE).set(encodedHexString(x509Certificate.getSignature()));
        modelNode.get("version").set("v" + x509Certificate.getVersion());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void writeCertificates(ModelNode modelNode, Certificate[] certificateArr) throws CertificateEncodingException, NoSuchAlgorithmException {
        if (certificateArr != null) {
            for (Certificate certificate : certificateArr) {
                ModelNode modelNode2 = new ModelNode();
                writeCertificate(modelNode2, certificate);
                modelNode.add(modelNode2);
            }
        }
    }

    private static byte[] digest(String str, byte[] bArr) throws NoSuchAlgorithmException {
        return MessageDigest.getInstance(str).digest(bArr);
    }

    private static String encodedHexString(byte[] bArr) {
        return delimit(ByteIterator.ofBytes(bArr).hexEncode().drainToString().toCharArray());
    }

    private static String delimit(char[] cArr) {
        StringBuilder sb = new StringBuilder();
        int i = 1;
        if (cArr.length % 2 != 0) {
            sb.append('0');
            i = 1 + 1;
        }
        for (int i2 = 0; i2 < cArr.length; i2++) {
            sb.append(cArr[i2]);
            if (i2 + 1 < cArr.length && (i2 + i) % 2 == 0) {
                sb.append(':');
            }
        }
        return sb.toString();
    }
}
