package io.confluent.security.mtls;

import io.confluent.security.authentication.AdmissionController;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

/* loaded from: input_file:io/confluent/security/mtls/CertificateUtils.class */
public class CertificateUtils {
    private CertificateUtils() {
    }

    public static String certToString(Certificate certificate) {
        StringBuilder sb = new StringBuilder();
        sb.append("{");
        try {
            if (certificate instanceof X509Certificate) {
                X509Certificate x509Certificate = (X509Certificate) certificate;
                sb.append("subjectDN=").append(x509Certificate.getSubjectX500Principal().getName()).append(AdmissionController.OAUTH_POOL_DELIMITER);
                sb.append("issuerDN=").append(x509Certificate.getIssuerX500Principal().getName()).append(AdmissionController.OAUTH_POOL_DELIMITER);
                sb.append("serialNumber=").append(x509Certificate.getSerialNumber().toString(16)).append(AdmissionController.OAUTH_POOL_DELIMITER);
                sb.append("notBefore=").append(x509Certificate.getNotBefore()).append(AdmissionController.OAUTH_POOL_DELIMITER);
                sb.append("notAfter=").append(x509Certificate.getNotAfter());
            } else if (certificate == null) {
                sb.append("isNull=true");
            } else {
                sb.append("type=").append(certificate.getType());
            }
        } catch (Exception e) {
            sb.append("error=").append(e.getMessage());
        }
        sb.append("}");
        return sb.toString();
    }

    public static String certChainToString(Certificate[] certificateArr) {
        StringBuilder sb = new StringBuilder();
        sb.append("Certificate chain = [");
        for (Certificate certificate : certificateArr) {
            sb.append(certToString(certificate)).append(";");
        }
        sb.append("]");
        return sb.toString();
    }
}
