package org.zowe.apiml;

import java.io.PrintStream;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;
import java.util.Map;

/* loaded from: input_file:org/zowe/apiml/LocalVerifier.class */
public class LocalVerifier implements Verifier {
    private Stores stores;

    public LocalVerifier(Stores stores) {
        this.stores = stores;
    }

    @Override // org.zowe.apiml.Verifier
    public void verify() {
        System.out.println("=============");
        System.out.println("Verifying keystore: " + this.stores.getConf().getKeyStore() + "  against truststore: " + this.stores.getConf().getTrustStore());
        try {
            String keyAlias = this.stores.getConf().getKeyAlias();
            Map<String, Certificate> listOfCertificates = this.stores.getListOfCertificates();
            X509Certificate x509Certificate = this.stores.getX509Certificate(keyAlias);
            for (Map.Entry<String, Certificate> entry : listOfCertificates.entrySet()) {
                try {
                    x509Certificate.verify(entry.getValue().getPublicKey());
                } catch (Exception e) {
                }
                if (entry.getValue() instanceof X509Certificate) {
                    X509Certificate x509Certificate2 = (X509Certificate) entry.getValue();
                    System.out.println("Trusted certificate is stored under alias: " + entry.getKey());
                    System.out.println("Certificate authority: " + x509Certificate2.getSubjectDN());
                    System.out.println("Details about valid certificate:");
                    printDetails(keyAlias);
                    return;
                }
            }
            System.err.println("No trusted certificate found. Add " + x509Certificate.getIssuerDN() + " certificate authority to the trust store ");
        } catch (KeyStoreException e2) {
            System.err.println("Error loading secret from keystore" + e2.getMessage());
        }
    }

    void printDetails(String str) throws KeyStoreException {
        X509Certificate x509Certificate = (X509Certificate) this.stores.getKeyStore().getCertificateChain(str)[0];
        try {
            System.out.println("++++++++");
            System.out.println("Possible hostname values:");
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            PrintStream printStream = System.out;
            printStream.getClass();
            subjectAlternativeNames.forEach((v1) -> {
                r1.println(v1);
            });
            if (x509Certificate.getExtendedKeyUsage().contains("1.3.6.1.5.5.7.3.2")) {
                System.out.println("Certificate can be used for client authentication.");
            } else {
                System.out.println("Certificate can't be used for client authentication. Provide certificate with extended key usage: 1.3.6.1.5.5.7.3.2");
            }
            System.out.println("++++++++");
        } catch (CertificateParsingException e) {
            System.err.println(e.getMessage());
        }
    }
}
