package com.helger.peppol.utils;

import com.helger.commons.annotation.ReturnsMutableCopy;
import com.helger.commons.collection.impl.CommonsHashSet;
import com.helger.commons.collection.impl.ICommonsSet;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.concurrent.Immutable;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.security.auth.x500.X500Principal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Immutable
/* loaded from: input_file:WEB-INF/lib/peppol-commons-9.5.0.jar:com/helger/peppol/utils/PeppolCertificateHelper.class */
public final class PeppolCertificateHelper {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) PeppolCertificateHelper.class);

    private PeppolCertificateHelper() {
    }

    @Nullable
    public static String getSubjectCN(@Nullable X509Certificate x509Certificate) {
        if (x509Certificate != null) {
            return getCNOrNull(x509Certificate.getSubjectX500Principal());
        }
        return null;
    }

    @Nullable
    public static String getCNOrNull(@Nullable X500Principal x500Principal) {
        if (x500Principal != null) {
            return getCNOrNull(x500Principal.getName());
        }
        return null;
    }

    @Nullable
    public static String getCNOrNull(@Nullable String str) {
        try {
            return getCN(str);
        } catch (InvalidNameException e) {
            return null;
        }
    }

    @Nullable
    public static String getCN(@Nullable String str) throws InvalidNameException {
        if (str == null) {
            return null;
        }
        for (Rdn rdn : new LdapName(str).getRdns()) {
            if (rdn.getType().equalsIgnoreCase("CN")) {
                return (String) rdn.getValue();
            }
        }
        return null;
    }

    @Nonnull
    @ReturnsMutableCopy
    public static ICommonsSet<X509Certificate> getAllTrustedCertificates(@Nullable KeyStore keyStore) {
        CommonsHashSet commonsHashSet = new CommonsHashSet();
        if (keyStore != null) {
            try {
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    if (keyStore.isCertificateEntry(nextElement)) {
                        Certificate certificate = keyStore.getCertificate(nextElement);
                        if (certificate instanceof X509Certificate) {
                            commonsHashSet.add((X509Certificate) certificate);
                        }
                    }
                }
            } catch (KeyStoreException e) {
                LOGGER.warn("Failed to extract certificates from trust store", (Throwable) e);
            }
        }
        return commonsHashSet;
    }
}
