package fr.lixbox.security.cert.parser;

import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.Principal;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.asn1.ASN1IA5String;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.x509.CRLDistPoint;
import org.bouncycastle.asn1.x509.DistributionPoint;
import org.bouncycastle.asn1.x509.DistributionPointName;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.PolicyInformation;

/* loaded from: input_file:fr/lixbox/security/cert/parser/BasicCertParser.class */
public final class BasicCertParser implements CertParser {
    private static final String SERIAL_NUMBER = "serialNumber";
    private static final Log LOG = LogFactory.getLog(BasicCertParser.class);
    private X509Certificate cert;
    private Map<String, Object> certDatas;

    public BasicCertParser() {
        this.certDatas = new HashMap();
    }

    public BasicCertParser(X509Certificate x509Certificate) {
        setCert(x509Certificate);
        this.certDatas = new HashMap();
    }

    public void setCert(X509Certificate x509Certificate) {
        this.cert = x509Certificate;
        parse(x509Certificate.getIssuerX500Principal());
    }

    public X509Certificate getCertificate() {
        return this.cert;
    }

    public Map<String, Object> getCertificateDatas() {
        return this.certDatas;
    }

    public String getCertificateId() {
        if (!getCertificatRevoque()) {
            return (String) this.certDatas.get("othername");
        }
        LOG.debug("Le Certificat n : " + String.valueOf(this.certDatas.get(SERIAL_NUMBER)) + " est revoque");
        return null;
    }

    public boolean getCertificatRevoque() {
        boolean z = true;
        try {
            FileInputStream fileInputStream = new FileInputStream(extraireCrlDistributionPoint());
            try {
                X509CRL x509crl = (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(fileInputStream);
                LOG.debug("La CRL courante a ete publie le: " + String.valueOf(x509crl.getThisUpdate()));
                LOG.debug("La CRL sera misea jour au plus tard le " + String.valueOf(x509crl.getNextUpdate()));
                LOG.debug("La CRL est genene par " + String.valueOf(x509crl.getIssuerX500Principal()));
                X509CRLEntry revokedCertificate = x509crl.getRevokedCertificate((BigInteger) this.certDatas.get(SERIAL_NUMBER));
                if (x509crl.getNextUpdate().before(new Date())) {
                    LOG.error("LA CRL est expiré");
                }
                if (revokedCertificate != null) {
                    z = true;
                    LOG.debug("Le CERTIFICAT " + ((BigInteger) this.certDatas.get(SERIAL_NUMBER)).toString(16) + " est revoque depuis le : " + String.valueOf(revokedCertificate.getRevocationDate()));
                } else {
                    z = false;
                    LOG.debug("Le CERTIFICAT " + ((BigInteger) this.certDatas.get(SERIAL_NUMBER)).toString(16) + " est OK, et NON revoque");
                }
                fileInputStream.close();
            } finally {
            }
        } catch (IOException | CRLException | CertificateException e) {
            LOG.fatal(e);
        }
        return z;
    }

    private void parse(Principal principal) {
        String name = principal.getName();
        this.certDatas.put("cn", extraireChamp("CN", name));
        this.certDatas.put("c", extraireChamp("C", name));
        this.certDatas.put("l", extraireChamp("L", name));
        this.certDatas.put("o", extraireChamp("O", name));
        this.certDatas.put("ou", extraireChamp("OU", name));
        this.certDatas.put("st", extraireChamp("ST", name));
        this.certDatas.put("policy", extrairePolicy());
        this.certDatas.put(SERIAL_NUMBER, extraireSerialNumber());
        this.certDatas.put("crlDistributionPoints", extraireCrlDistributionPoint());
        this.certDatas.put("othername", extraireOtherName());
    }

    private String extrairePolicy() {
        String str = "";
        byte[] extensionValue = this.cert.getExtensionValue("2.5.29.32");
        if (extensionValue != null) {
            try {
                ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(extensionValue));
                ASN1InputStream aSN1InputStream2 = new ASN1InputStream(new ByteArrayInputStream(aSN1InputStream.readObject().getOctets()));
                ASN1Sequence readObject = aSN1InputStream2.readObject();
                aSN1InputStream.close();
                aSN1InputStream2.close();
                str = new PolicyInformation(readObject.getObjectAt(0).getObjectAt(0)).getPolicyIdentifier().getId();
            } catch (IOException e) {
                LOG.error(e);
            }
        }
        LOG.debug("POLICY : " + str);
        return str;
    }

    private BigInteger extraireSerialNumber() {
        return this.cert.getSerialNumber();
    }

    private String extraireCrlDistributionPoint() {
        String str = "";
        byte[] extensionValue = this.cert.getExtensionValue("2.5.29.31");
        if (extensionValue != null) {
            try {
                ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(extensionValue));
                ASN1InputStream aSN1InputStream2 = new ASN1InputStream(new ByteArrayInputStream(aSN1InputStream.readObject().getOctets()));
                for (DistributionPoint distributionPoint : CRLDistPoint.getInstance(aSN1InputStream2.readObject()).getDistributionPoints()) {
                    DistributionPointName distributionPoint2 = distributionPoint.getDistributionPoint();
                    if (distributionPoint2 != null && distributionPoint2.getType() == 0) {
                        GeneralName[] names = GeneralNames.getInstance(distributionPoint2.getName()).getNames();
                        for (int i = 0; i < names.length; i++) {
                            if (names[i].getTagNo() == 6) {
                                str = ASN1IA5String.getInstance(names[i].getName()).getString();
                            }
                        }
                    }
                }
                aSN1InputStream.close();
                aSN1InputStream2.close();
            } catch (IOException e) {
                LOG.error(e);
            }
        }
        return str;
    }

    private List<String> extraireOtherName() {
        Collection<List<?>> subjectAlternativeNames;
        ArrayList arrayList = new ArrayList();
        try {
            subjectAlternativeNames = this.cert.getSubjectAlternativeNames();
        } catch (CertificateParsingException e) {
            LOG.error("Error parsing SubjectAltName in certificate: ", e);
        }
        if (subjectAlternativeNames == null) {
            return Collections.emptyList();
        }
        for (List<?> list : subjectAlternativeNames) {
            if (((Integer) list.get(0)).intValue() == 0) {
                try {
                    ASN1InputStream aSN1InputStream = new ASN1InputStream((byte[]) list.toArray()[1]);
                    try {
                        arrayList.add(aSN1InputStream.readObject().getObjectAt(1).toASN1Primitive().toASN1Primitive().getString());
                        aSN1InputStream.close();
                    } catch (Throwable th) {
                        try {
                            aSN1InputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                        throw th;
                        break;
                    }
                } catch (Exception e2) {
                    LOG.error("Error decoding subjectAltName", e2);
                }
            }
        }
        return arrayList;
    }

    private String extraireChamp(String str, String str2) {
        StringBuilder sb = new StringBuilder();
        String str3 = str + "=";
        int indexOf = str2.indexOf(str3);
        String substring = str2.substring(indexOf + str.length() + 1);
        boolean z = indexOf == -1;
        for (int i = 0; i < substring.length() && !z; i++) {
            char charAt = substring.charAt(i);
            if (charAt != ',') {
                sb.append(charAt);
            } else {
                z = true;
            }
        }
        LOG.debug(str3 + String.valueOf(sb));
        return sb.toString();
    }
}
