package io.undertow.servlet.handlers.security;

import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.SSLSessionInfo;
import io.undertow.servlet.handlers.ServletRequestContext;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.servlet.ServletRequest;

/* loaded from: input_file:lib/undertow-servlet-1.4.4.Final.jar:io/undertow/servlet/handlers/security/SSLInformationAssociationHandler.class */
public class SSLInformationAssociationHandler implements HttpHandler {
    private final HttpHandler next;

    public SSLInformationAssociationHandler(HttpHandler httpHandler) {
        this.next = httpHandler;
    }

    public static int getKeyLength(String str) {
        if (str == null) {
            return 0;
        }
        if (str.contains("WITH_AES_256_")) {
            return 256;
        }
        if (str.contains("WITH_RC4_128_") || str.contains("WITH_AES_128_")) {
            return 128;
        }
        if (str.contains("WITH_RC4_40_")) {
            return 40;
        }
        if (str.contains("WITH_3DES_EDE_CBC_")) {
            return 168;
        }
        if (str.contains("WITH_IDEA_CBC_")) {
            return 128;
        }
        if (str.contains("WITH_RC2_CBC_40_") || str.contains("WITH_DES40_CBC_")) {
            return 40;
        }
        return str.contains("WITH_DES_CBC_") ? 56 : 0;
    }

    private X509Certificate[] getCerts(SSLSessionInfo sSLSessionInfo) {
        try {
            javax.security.cert.X509Certificate[] peerCertificateChain = sSLSessionInfo.getPeerCertificateChain();
            if (peerCertificateChain == null || peerCertificateChain.length == 0) {
                return null;
            }
            X509Certificate[] x509CertificateArr = new X509Certificate[peerCertificateChain.length];
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            for (int i = 0; i < peerCertificateChain.length; i++) {
                x509CertificateArr[i] = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(peerCertificateChain[i].getEncoded()));
            }
            return x509CertificateArr;
        } catch (Exception e) {
            return null;
        }
    }

    @Override // io.undertow.server.HttpHandler
    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        ServletRequest servletRequest = ((ServletRequestContext) httpServerExchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY)).getServletRequest();
        SSLSessionInfo sslSessionInfo = httpServerExchange.getConnection().getSslSessionInfo();
        if (sslSessionInfo != null) {
            servletRequest.setAttribute("javax.servlet.request.cipher_suite", sslSessionInfo.getCipherSuite());
            servletRequest.setAttribute("javax.servlet.request.key_size", Integer.valueOf(getKeyLength(sslSessionInfo.getCipherSuite())));
            servletRequest.setAttribute("javax.servlet.request.ssl_session_id", sslSessionInfo.getSessionId());
            X509Certificate[] certs = getCerts(sslSessionInfo);
            if (certs != null) {
                servletRequest.setAttribute("javax.servlet.request.X509Certificate", certs);
            }
        }
        this.next.handleRequest(httpServerExchange);
    }
}
