package akka.remote.artery.tcp.ssl;

import akka.annotation.InternalApi;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLSession;
import scala.None$;
import scala.Option;
import scala.Some;
import scala.collection.immutable.Set;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxedUnit;

/* compiled from: SessionVerifier.scala */
@ScalaSignature(bytes = "\u0006\u0005\u001d4QAB\u0004\u0003\u000fEA\u0001\u0002\b\u0001\u0003\u0002\u0003\u0006IA\b\u0005\u0006Q\u0001!\t!\u000b\u0005\u0006Y\u0001!\t%\f\u0005\u0006%\u0002!\te\u0015\u0005\u0006-\u0002!Ia\u0016\u0002\u0014!\u0016,'oU;cU\u0016\u001cGOV3sS\u001aLWM\u001d\u0006\u0003\u0011%\t1a]:m\u0015\tQ1\"A\u0002uGBT!\u0001D\u0007\u0002\r\u0005\u0014H/\u001a:z\u0015\tqq\"\u0001\u0004sK6|G/\u001a\u0006\u0002!\u0005!\u0011m[6b'\r\u0001!\u0003\u0007\t\u0003'Yi\u0011\u0001\u0006\u0006\u0002+\u0005)1oY1mC&\u0011q\u0003\u0006\u0002\u0007\u0003:L(+\u001a4\u0011\u0005eQR\"A\u0004\n\u0005m9!aD*fgNLwN\u001c,fe&4\u0017.\u001a:\u0002\u001fA,WM]\"feRLg-[2bi\u0016\u001c\u0001\u0001\u0005\u0002 M5\t\u0001E\u0003\u0002\"E\u0005!1-\u001a:u\u0015\t\u0019C%\u0001\u0005tK\u000e,(/\u001b;z\u0015\u0005)\u0013\u0001\u00026bm\u0006L!a\n\u0011\u0003\u001fa+\u0004'O\"feRLg-[2bi\u0016\fa\u0001P5oSRtDC\u0001\u0016,!\tI\u0002\u0001C\u0003\u001d\u0005\u0001\u0007a$A\nwKJLg-_\"mS\u0016tGoU3tg&|g\u000eF\u0002/{\u001d\u00032aE\u00182\u0013\t\u0001DC\u0001\u0004PaRLwN\u001c\t\u0003eir!a\r\u001d\u000f\u0005Q:T\"A\u001b\u000b\u0005Yj\u0012A\u0002\u001fs_>$h(C\u0001\u0016\u0013\tID#A\u0004qC\u000e\\\u0017mZ3\n\u0005mb$!\u0003+ie><\u0018M\u00197f\u0015\tID\u0003C\u0003?\u0007\u0001\u0007q(\u0001\u0005i_N$h.Y7f!\t\u0001EI\u0004\u0002B\u0005B\u0011A\u0007F\u0005\u0003\u0007R\ta\u0001\u0015:fI\u00164\u0017BA#G\u0005\u0019\u0019FO]5oO*\u00111\t\u0006\u0005\u0006\u0011\u000e\u0001\r!S\u0001\bg\u0016\u001c8/[8o!\tQ\u0005+D\u0001L\u0015\tAAJ\u0003\u0002N\u001d\u0006\u0019a.\u001a;\u000b\u0003=\u000bQA[1wCbL!!U&\u0003\u0015M\u001bFjU3tg&|g.A\nwKJLg-_*feZ,'oU3tg&|g\u000eF\u0002/)VCQA\u0010\u0003A\u0002}BQ\u0001\u0013\u0003A\u0002%\u000baC^3sS\u001aL\b+Z3s\u0007\u0016\u0014H/\u001b4jG\u0006$Xm\u001d\u000b\u00031~\u00032aE\u0018Z!\tQV,D\u0001\\\u0015\taF%\u0001\u0003mC:<\u0017B\u00010\\\u0005aIE\u000e\\3hC2\f%oZ;nK:$X\t_2faRLwN\u001c\u0005\u0006\u0011\u0016\u0001\r!\u0013\u0015\u0003\u0001\u0005\u0004\"AY3\u000e\u0003\rT!\u0001Z\b\u0002\u0015\u0005tgn\u001c;bi&|g.\u0003\u0002gG\nY\u0011J\u001c;fe:\fG.\u00119j\u0001")
@InternalApi
/* loaded from: input_file:BOOT-INF/lib/akka-remote_2.13-2.6.20.jar:akka/remote/artery/tcp/ssl/PeerSubjectVerifier.class */
public final class PeerSubjectVerifier implements SessionVerifier {
    private final X509Certificate peerCertificate;

    @Override // akka.remote.artery.tcp.ssl.SessionVerifier
    public Option<Throwable> verifyClientSession(String str, SSLSession sSLSession) {
        return verifyPeerCertificates(sSLSession);
    }

    @Override // akka.remote.artery.tcp.ssl.SessionVerifier
    public Option<Throwable> verifyServerSession(String str, SSLSession sSLSession) {
        return verifyPeerCertificates(sSLSession);
    }

    private Option<IllegalArgumentException> verifyPeerCertificates(SSLSession sSLSession) {
        Option some;
        Set<String> allSubjectNames = X509Readers$.MODULE$.getAllSubjectNames(this.peerCertificate);
        if (sSLSession.getPeerCertificates().length == 0) {
            new Some(new IllegalArgumentException("No peer certificates"));
        } else {
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
        }
        Certificate certificate = sSLSession.getPeerCertificates()[0];
        if (certificate instanceof X509Certificate) {
            Set<String> allSubjectNames2 = X509Readers$.MODULE$.getAllSubjectNames((X509Certificate) certificate);
            some = allSubjectNames.exists(allSubjectNames2) ? None$.MODULE$ : new Some(new IllegalArgumentException(new StringBuilder(60).append("None of the peer subject names ").append(allSubjectNames2).append(" were in local subject names ").append(allSubjectNames).toString()));
        } else {
            some = new Some(new IllegalArgumentException(new StringBuilder(26).append("Unknown certificate type: ").append(certificate.getClass()).toString()));
        }
        return some;
    }

    public PeerSubjectVerifier(X509Certificate x509Certificate) {
        this.peerCertificate = x509Certificate;
    }
}
