package org.apache.tomcat.util.net;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.apache.tomcat.jni.SSL;
import org.apache.tomcat.util.net.AprEndpoint;

/* loaded from: input_file:BOOT-INF/lib/tomcat-embed-core-9.0.30.jar:org/apache/tomcat/util/net/AprSSLSupport.class */
public class AprSSLSupport implements SSLSupport {
    private final AprEndpoint.AprSocketWrapper socketWrapper;
    private final String clientCertProvider;

    public AprSSLSupport(AprEndpoint.AprSocketWrapper aprSocketWrapper, String str) {
        this.socketWrapper = aprSocketWrapper;
        this.clientCertProvider = str;
    }

    @Override // org.apache.tomcat.util.net.SSLSupport
    public String getCipherSuite() throws IOException {
        try {
            return this.socketWrapper.getSSLInfoS(2);
        } catch (Exception e) {
            throw new IOException(e);
        }
    }

    @Override // org.apache.tomcat.util.net.SSLSupport
    public X509Certificate[] getPeerCertificateChain() throws IOException {
        try {
            int sSLInfoI = this.socketWrapper.getSSLInfoI(1024);
            byte[] sSLInfoB = this.socketWrapper.getSSLInfoB(SSL.SSL_INFO_CLIENT_CERT);
            X509Certificate[] x509CertificateArr = null;
            if (sSLInfoB != null) {
                if (sSLInfoI < 0) {
                    sSLInfoI = 0;
                }
                x509CertificateArr = new X509Certificate[sSLInfoI + 1];
                CertificateFactory certificateFactory = this.clientCertProvider == null ? CertificateFactory.getInstance("X.509") : CertificateFactory.getInstance("X.509", this.clientCertProvider);
                x509CertificateArr[0] = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(sSLInfoB));
                for (int i = 0; i < sSLInfoI; i++) {
                    x509CertificateArr[i + 1] = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(this.socketWrapper.getSSLInfoB(1024 + i)));
                }
            }
            return x509CertificateArr;
        } catch (Exception e) {
            throw new IOException(e);
        }
    }

    @Override // org.apache.tomcat.util.net.SSLSupport
    public Integer getKeySize() throws IOException {
        try {
            return Integer.valueOf(this.socketWrapper.getSSLInfoI(3));
        } catch (Exception e) {
            throw new IOException(e);
        }
    }

    @Override // org.apache.tomcat.util.net.SSLSupport
    public String getSessionId() throws IOException {
        try {
            return this.socketWrapper.getSSLInfoS(1);
        } catch (Exception e) {
            throw new IOException(e);
        }
    }

    @Override // org.apache.tomcat.util.net.SSLSupport
    public String getProtocol() throws IOException {
        try {
            return this.socketWrapper.getSSLInfoS(7);
        } catch (Exception e) {
            throw new IOException(e);
        }
    }
}
