package org.wildfly.security.ssl;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.wildfly.security.asn1.ASN1;
import org.wildfly.security.auth.callback.CallbackUtil;
import org.wildfly.security.auth.callback.ChannelBindingCallback;

/* loaded from: input_file:WEB-INF/lib/wildfly-elytron-auth-server-2.0.0.Alpha4.jar:org/wildfly/security/ssl/TLSServerEndPointChannelBinding.class */
public final class TLSServerEndPointChannelBinding {
    public static final String TLS_SERVER_ENDPOINT = "tls-server-end-point";

    private TLSServerEndPointChannelBinding() {
    }

    public static String getDigestAlgorithm(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -2096004508:
                if (str.equals(ASN1.OID_MD2_WITH_RSA)) {
                    z = true;
                    break;
                }
                break;
            case -2096004507:
                if (str.equals(ASN1.OID_MD4_WITH_RSA)) {
                    z = 2;
                    break;
                }
                break;
            case -2096004506:
                if (str.equals(ASN1.OID_MD5_WITH_RSA)) {
                    z = 4;
                    break;
                }
                break;
            case -2096004505:
                if (str.equals(ASN1.OID_SHA1_WITH_RSA)) {
                    z = 6;
                    break;
                }
                break;
            case -2071451550:
                if (str.equals(ASN1.OID_MD2)) {
                    z = false;
                    break;
                }
                break;
            case -2071451547:
                if (str.equals(ASN1.OID_MD5)) {
                    z = 3;
                    break;
                }
                break;
            case -902557051:
                if (str.equals(ASN1.OID_SHA1_WITH_DSA)) {
                    z = 5;
                    break;
                }
                break;
            case -897939448:
                if (str.equals(ASN1.OID_SHA1_WITH_ECDSA)) {
                    z = 7;
                    break;
                }
                break;
            case -551630290:
                if (str.equals(ASN1.OID_SHA256_WITH_RSA)) {
                    z = 10;
                    break;
                }
                break;
            case -551630289:
                if (str.equals(ASN1.OID_SHA384_WITH_RSA)) {
                    z = 13;
                    break;
                }
                break;
            case -551630288:
                if (str.equals(ASN1.OID_SHA512_WITH_RSA)) {
                    z = 15;
                    break;
                }
                break;
            case -308431282:
                if (str.equals(ASN1.OID_SHA1)) {
                    z = 8;
                    break;
                }
                break;
            case 368620365:
                if (str.equals(ASN1.OID_SHA224_WITH_ECDSA)) {
                    z = 9;
                    break;
                }
                break;
            case 368620366:
                if (str.equals(ASN1.OID_SHA256_WITH_ECDSA)) {
                    z = 11;
                    break;
                }
                break;
            case 368620367:
                if (str.equals(ASN1.OID_SHA384_WITH_ECDSA)) {
                    z = 12;
                    break;
                }
                break;
            case 368620368:
                if (str.equals(ASN1.OID_SHA512_WITH_ECDSA)) {
                    z = 14;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
            case true:
            case true:
            case true:
            case true:
            case true:
            case true:
            case true:
            case true:
            case true:
            case true:
                return MessageDigestAlgorithms.SHA_256;
            case true:
            case true:
                return MessageDigestAlgorithms.SHA_384;
            case true:
            case true:
                return MessageDigestAlgorithms.SHA_512;
            default:
                return null;
        }
    }

    public static void handleChannelBindingCallback(ChannelBindingCallback channelBindingCallback, X509Certificate[] x509CertificateArr) throws UnsupportedCallbackException {
        if (x509CertificateArr != null && x509CertificateArr.length > 0) {
            try {
                byte[] channelBindingData = getChannelBindingData(x509CertificateArr[0]);
                if (channelBindingData != null) {
                    channelBindingCallback.setBindingData(channelBindingData);
                    channelBindingCallback.setBindingType(TLS_SERVER_ENDPOINT);
                    return;
                }
            } catch (NoSuchAlgorithmException | CertificateEncodingException e) {
            }
        }
        CallbackUtil.unsupported(channelBindingCallback);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] getChannelBindingData(X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateEncodingException {
        String digestAlgorithm;
        if (x509Certificate == null || (digestAlgorithm = getDigestAlgorithm(x509Certificate.getSigAlgOID())) == null) {
            return null;
        }
        return MessageDigest.getInstance(digestAlgorithm).digest(x509Certificate.getEncoded());
    }
}
