package net.snowflake.client.jdbc.diagnostic;

import java.net.Socket;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedTrustManager;
import net.snowflake.client.jdbc.internal.amazonaws.auth.internal.SignerConstants;
import net.snowflake.client.log.SFLogger;
import net.snowflake.client.log.SFLoggerFactory;

/* loaded from: input_file:net/snowflake/client/jdbc/diagnostic/DiagnosticTrustManager.class */
class DiagnosticTrustManager extends X509ExtendedTrustManager {
    private static final SFLogger logger = SFLoggerFactory.getLogger((Class<?>) DiagnosticTrustManager.class);

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        printCertificates(x509CertificateArr);
    }

    @Override // javax.net.ssl.X509ExtendedTrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) {
        printCertificates(x509CertificateArr);
    }

    @Override // javax.net.ssl.X509ExtendedTrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) {
        printCertificates(x509CertificateArr);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
    }

    @Override // javax.net.ssl.X509ExtendedTrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, Socket socket) {
    }

    @Override // javax.net.ssl.X509ExtendedTrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str, SSLEngine sSLEngine) {
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return new X509Certificate[0];
    }

    private void printCertificates(X509Certificate[] x509CertificateArr) {
        logger.info("Printing certificate chain", new Object[0]);
        StringBuilder sb = new StringBuilder();
        int i = 0;
        for (X509Certificate x509Certificate : x509CertificateArr) {
            try {
                sb.append("\nCertificate[").append(i).append("]:").append(SignerConstants.LINE_SEPARATOR);
                sb.append("Subject: ").append(x509Certificate.getSubjectDN()).append(SignerConstants.LINE_SEPARATOR);
                sb.append("Issuer: ").append(x509Certificate.getIssuerDN()).append(SignerConstants.LINE_SEPARATOR);
                sb.append("Valid from: ").append(x509Certificate.getNotBefore()).append(SignerConstants.LINE_SEPARATOR);
                sb.append("Not Valid After: ").append(x509Certificate.getNotAfter()).append(SignerConstants.LINE_SEPARATOR);
                sb.append("Subject Alternative Names: ").append(x509Certificate.getSubjectAlternativeNames()).append(SignerConstants.LINE_SEPARATOR);
                sb.append("Issuer Alternative Names: ").append(x509Certificate.getIssuerAlternativeNames()).append(SignerConstants.LINE_SEPARATOR);
                sb.append("Serial: ").append(x509Certificate.getSerialNumber().toString(16)).append(SignerConstants.LINE_SEPARATOR);
                logger.info(sb.toString(), new Object[0]);
                i++;
            } catch (CertificateParsingException e) {
                logger.error("Error parsing certificate", e);
            } catch (Exception e2) {
                logger.error("Unexpected error occurred when parsing certificate", e2);
            }
        }
    }
}
