package org.zodiac.commons.crypto.ssl;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;

/* loaded from: input_file:org/zodiac/commons/crypto/ssl/SSLCertificate.class */
public class SSLCertificate {
    public static final String X509EXT_OID_SAN = "2.5.29.17";
    public static final int X509EXT_SAN_RFC822NAME = 1;
    public static final int X509EXT_SAN_DNSNAME = 2;
    public static final int X509EXT_SAN_DTORYNAME = 4;
    public static final int X509EXT_SAN_IPADDR = 7;
    private static final String FACTORY_X509 = "X.509";

    public static Certificate load(CertificateFactory certificateFactory, InputStream inputStream) throws CertificateException {
        if (certificateFactory == null) {
            certificateFactory = CertificateFactory.getInstance(FACTORY_X509);
        }
        return certificateFactory.generateCertificate(inputStream);
    }

    public static X509Certificate loadX509(CertificateFactory certificateFactory, File file) throws IOException, CertificateException {
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            X509Certificate x509Certificate = (X509Certificate) X509Certificate.class.cast(load(certificateFactory, fileInputStream));
            fileInputStream.close();
            return x509Certificate;
        } catch (Throwable th) {
            fileInputStream.close();
            throw th;
        }
    }

    public static X509Certificate loadX509(CertificateFactory certificateFactory, URL url) throws IOException, CertificateException {
        InputStream openStream = url.openStream();
        try {
            X509Certificate x509Certificate = (X509Certificate) X509Certificate.class.cast(load(certificateFactory, openStream));
            openStream.close();
            return x509Certificate;
        } catch (Throwable th) {
            openStream.close();
            throw th;
        }
    }

    public static boolean matchSubjectHost(X509Certificate x509Certificate, String str) throws CertificateParsingException {
        Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
        if (subjectAlternativeNames != null) {
            for (List<?> list : subjectAlternativeNames) {
                if (((Integer) Integer.class.cast(list.get(0))).intValue() == 2 && str.equalsIgnoreCase((String) String.class.cast(list.get(1)))) {
                    return true;
                }
            }
        }
        return str.equalsIgnoreCase(getCN(x509Certificate));
    }

    public static String getCN(X509Certificate x509Certificate) {
        String name = x509Certificate.getSubjectDN().getName();
        int indexOf = name.indexOf("CN=");
        if (indexOf == -1) {
            return null;
        }
        int indexOf2 = name.indexOf(44, indexOf);
        if (indexOf2 == -1) {
            indexOf2 = name.length();
        }
        return name.substring(indexOf + "CN=".length(), indexOf2);
    }
}
