package org.wso2.micro.gateway.core.mutualssl;

import java.io.ByteArrayInputStream;
import java.net.URLDecoder;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import javax.security.cert.CertificateEncodingException;
import javax.security.cert.X509Certificate;
import org.apache.commons.codec.binary.Base64;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.wso2.micro.gateway.core.Constants;
import org.wso2.micro.gateway.core.utils.ErrorUtils;

/* loaded from: input_file:org/wso2/micro/gateway/core/mutualssl/CertificateUtils.class */
public class CertificateUtils {
    private static final Logger log = LogManager.getLogger(CertificateUtils.class);

    public static String getAliasFromHeaderCert(String str) {
        try {
            X509Certificate x509Certificate = X509Certificate.getInstance(new ByteArrayInputStream(Base64.decodeBase64(URLDecoder.decode(str).replaceAll(Constants.BEGIN_CERTIFICATE_STRING, Constants.EMPTY).replaceAll(Constants.END_CERTIFICATE_STRING, Constants.EMPTY))));
            return getAliasFromTrustStore(x509Certificate, LoadKeyStore.trustStore) != null ? getAliasFromTrustStore(x509Certificate, LoadKeyStore.trustStore) : Constants.EMPTY;
        } catch (KeyStoreException | CertificateException | javax.security.cert.CertificateException e) {
            log.error("Error while decoding certificate present in the header and validating with the trust store.", e);
            throw ErrorUtils.getBallerinaError("Error while decoding certificate present in the header and validating with the trust store.", e);
        }
    }

    public static String getAliasFromTrustStore(X509Certificate x509Certificate, KeyStore keyStore) throws CertificateException, CertificateEncodingException, KeyStoreException {
        java.security.cert.X509Certificate x509Certificate2 = (java.security.cert.X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(x509Certificate.getEncoded()));
        x509Certificate2.checkValidity();
        return keyStore.getCertificateAlias(x509Certificate2);
    }

    public static String getAliasFromRequest(String str) {
        try {
            String certificateAlias = LoadKeyStore.trustStore.getCertificateAlias((java.security.cert.X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(java.util.Base64.getDecoder().decode(str))));
            return certificateAlias != null ? certificateAlias : Constants.EMPTY;
        } catch (KeyStoreException | CertificateException e) {
            log.error("Error while decoding certificate present in the context and validating with the trust store.", e);
            throw ErrorUtils.getBallerinaError("Error while decoding certificate present in the context and validating with the trust store.", e);
        }
    }
}
