package by.avest.certstore;

import by.avest.crypto.x509.GeneralNames;
import by.avest.crypto.x509.Holder;
import by.avest.crypto.x509.IssuerSerial;
import by.avest.crypto.x509.ObjectDigestInfo;
import by.avest.crypto.x509.X509AttributeCertificate;
import java.io.IOException;
import java.security.cert.CertSelector;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import sun.misc.HexDumpEncoder;
import sun.security.x509.X500Name;

/* loaded from: input_file:by/avest/certstore/X509CertSelector.class */
public class X509CertSelector extends java.security.cert.X509CertSelector {
    private X509AttributeCertificate attributeCertificate;

    @Override // java.security.cert.X509CertSelector, java.security.cert.CertSelector
    public boolean match(Certificate certificate) {
        if (certificate instanceof X509Certificate) {
            return super.match(certificate) && matchAttributeCertificate((X509Certificate) certificate);
        }
        return false;
    }

    private boolean matchAttributeCertificate(X509Certificate x509Certificate) {
        if (this.attributeCertificate == null) {
            return true;
        }
        Holder holder = this.attributeCertificate.getHolder();
        IssuerSerial baseCertificateId = holder.getBaseCertificateId();
        if (baseCertificateId != null) {
            boolean z = baseCertificateId.getSerial().getNumber().equals(x509Certificate.getSerialNumber()) && Util.nameMatches(x509Certificate.getIssuerDN(), baseCertificateId.getIssuer());
            if (!z && Util.isDebug()) {
                Util.log("X509CertSelector.match: holder base certificate id don't match");
            }
            return z;
        }
        GeneralNames entityName = holder.getEntityName();
        if (entityName != null) {
            boolean nameMatches = Util.nameMatches(x509Certificate.getSubjectDN(), entityName);
            if (!nameMatches && Util.isDebug()) {
                Util.log("X509CertSelector.match: holder entity name don't match");
            }
            return nameMatches;
        }
        ObjectDigestInfo objectDigestInfo = holder.getObjectDigestInfo();
        if (objectDigestInfo == null) {
            return true;
        }
        boolean digestMatches = Util.digestMatches(x509Certificate, objectDigestInfo);
        if (!digestMatches && Util.isDebug()) {
            Util.log("X509CertSelector.match: holder object digest info don't match");
        }
        return digestMatches;
    }

    public X509AttributeCertificate getAttributeCertificate() {
        return this.attributeCertificate;
    }

    public void setAttributeCertificate(X509AttributeCertificate x509AttributeCertificate) {
        this.attributeCertificate = x509AttributeCertificate;
    }

    @Override // java.security.cert.X509CertSelector
    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("X509CertSelector: [\n");
        if (getCertificate() != null) {
            stringBuffer.append("  Certificate: " + getCertificate().toString() + "\n");
        }
        if (this.attributeCertificate != null) {
            stringBuffer.append("  Attribute Certificate: " + this.attributeCertificate.toString() + "\n");
        }
        if (getSerialNumber() != null) {
            stringBuffer.append("  Serial Number: " + getSerialNumber().toString() + "\n");
        }
        if (getIssuer() != null) {
            try {
                stringBuffer.append("  Issuer (hex): \n" + new HexDumpEncoder().encodeBuffer(getIssuerAsBytes()));
                stringBuffer.append("  Issuer: " + new X500Name(getIssuerAsBytes()).toString() + "\n\n");
            } catch (IOException e) {
                stringBuffer.append("  Issuer: " + getIssuerAsString() + "\n");
            }
        }
        if (getSubject() != null) {
            try {
                stringBuffer.append("  Subject (hex): \n" + new HexDumpEncoder().encodeBuffer(getSubjectAsBytes()));
                stringBuffer.append("  Subject: " + new X500Name(getSubjectAsBytes()).toString() + "\n\n");
            } catch (IOException e2) {
                stringBuffer.append("  Subject: " + getSubjectAsString() + "\n");
            }
        }
        stringBuffer.append("  matchAllSubjectAltNames flag: " + String.valueOf(getMatchAllSubjectAltNames()) + "\n");
        if (getSubjectAlternativeNames() != null) {
            stringBuffer.append("  SubjectAlternativeNames:\n");
            for (List<?> list : getSubjectAlternativeNames()) {
                stringBuffer.append("    type " + list.get(0) + ", name " + list.get(1) + "\n");
            }
        }
        if (getSubjectKeyIdentifier() != null) {
            stringBuffer.append("  Subject Key Identifier: \n" + new HexDumpEncoder().encodeBuffer(getSubjectKeyIdentifier()) + "\n");
        }
        if (getAuthorityKeyIdentifier() != null) {
            stringBuffer.append("  Authority Key Identifier: \n" + new HexDumpEncoder().encodeBuffer(getAuthorityKeyIdentifier()) + "\n");
        }
        if (getCertificateValid() != null) {
            stringBuffer.append("  Certificate Valid: " + getCertificateValid().toString() + "\n");
        }
        if (getPrivateKeyValid() != null) {
            stringBuffer.append("  Private Key Valid: " + getPrivateKeyValid().toString() + "\n");
        }
        if (getSubjectPublicKeyAlgID() != null) {
            stringBuffer.append("  Subject Public Key AlgID: " + getSubjectPublicKeyAlgID().toString() + "\n");
        }
        if (getSubjectPublicKey() != null) {
            stringBuffer.append("  Subject Public Key: " + getSubjectPublicKey().toString() + "\n");
        }
        if (getKeyUsage() != null) {
            stringBuffer.append("  Key Usage: " + keyUsageToString(getKeyUsage()) + "\n");
        }
        if (getExtendedKeyUsage() != null) {
            stringBuffer.append("  Extended Key Usage: " + getExtendedKeyUsage().toString() + "\n");
        }
        if (getPolicy() != null) {
            stringBuffer.append("  Policy: " + getPolicy().toString() + "\n");
        }
        if (getPathToNames() != null) {
            stringBuffer.append("  Path to names:\n");
            Iterator<List<?>> it = getPathToNames().iterator();
            while (it.hasNext()) {
                stringBuffer.append("    " + it.next() + "\n");
            }
        }
        stringBuffer.append("]");
        return stringBuffer.toString();
    }

    public static String toString(CertSelector certSelector) {
        if (certSelector != null && certSelector.getClass().getPackage().getName().startsWith("by.avest")) {
            return certSelector.toString();
        }
        if (!(certSelector instanceof java.security.cert.X509CertSelector)) {
            return String.valueOf(certSelector);
        }
        java.security.cert.X509CertSelector x509CertSelector = (java.security.cert.X509CertSelector) certSelector;
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("X509CertSelector: [\n");
        if (x509CertSelector.getCertificate() != null) {
            stringBuffer.append("  Certificate: " + x509CertSelector.getCertificate().toString() + "\n");
        }
        if (x509CertSelector.getSerialNumber() != null) {
            stringBuffer.append("  Serial Number: " + x509CertSelector.getSerialNumber().toString() + "\n");
        }
        if (x509CertSelector.getIssuer() != null) {
            try {
                stringBuffer.append("  Issuer (hex): \n" + new HexDumpEncoder().encodeBuffer(x509CertSelector.getIssuerAsBytes()));
                stringBuffer.append("  Issuer: " + new X500Name(x509CertSelector.getIssuerAsBytes()).toString() + "\n");
            } catch (IOException e) {
                stringBuffer.append("  Issuer: " + x509CertSelector.getIssuerAsString() + "\n\n");
            }
        }
        if (x509CertSelector.getSubject() != null) {
            try {
                stringBuffer.append("  Subject (hex): \n" + new HexDumpEncoder().encodeBuffer(x509CertSelector.getSubjectAsBytes()));
                stringBuffer.append("  Subject: " + new X500Name(x509CertSelector.getSubjectAsBytes()).toString() + "\n\n");
            } catch (IOException e2) {
                stringBuffer.append("  Subject: " + x509CertSelector.getSubjectAsString() + "\n");
            }
        }
        stringBuffer.append("  matchAllSubjectAltNames flag: " + String.valueOf(x509CertSelector.getMatchAllSubjectAltNames()) + "\n");
        if (x509CertSelector.getSubjectAlternativeNames() != null) {
            stringBuffer.append("  SubjectAlternativeNames:\n");
            for (List<?> list : x509CertSelector.getSubjectAlternativeNames()) {
                stringBuffer.append("    type " + list.get(0) + ", name " + list.get(1) + "\n");
            }
        }
        if (x509CertSelector.getSubjectKeyIdentifier() != null) {
            stringBuffer.append("  Subject Key Identifier: \n" + new HexDumpEncoder().encodeBuffer(x509CertSelector.getSubjectKeyIdentifier()) + "\n");
        }
        if (x509CertSelector.getAuthorityKeyIdentifier() != null) {
            stringBuffer.append("  Authority Key Identifier: \n" + new HexDumpEncoder().encodeBuffer(x509CertSelector.getAuthorityKeyIdentifier()) + "\n");
        }
        if (x509CertSelector.getCertificateValid() != null) {
            stringBuffer.append("  Certificate Valid: " + x509CertSelector.getCertificateValid().toString() + "\n");
        }
        if (x509CertSelector.getPrivateKeyValid() != null) {
            stringBuffer.append("  Private Key Valid: " + x509CertSelector.getPrivateKeyValid().toString() + "\n");
        }
        if (x509CertSelector.getSubjectPublicKeyAlgID() != null) {
            stringBuffer.append("  Subject Public Key AlgID: " + x509CertSelector.getSubjectPublicKeyAlgID().toString() + "\n");
        }
        if (x509CertSelector.getSubjectPublicKey() != null) {
            stringBuffer.append("  Subject Public Key: " + x509CertSelector.getSubjectPublicKey().toString() + "\n");
        }
        if (x509CertSelector.getKeyUsage() != null) {
            stringBuffer.append("  Key Usage: " + keyUsageToString(x509CertSelector.getKeyUsage()) + "\n");
        }
        if (x509CertSelector.getExtendedKeyUsage() != null) {
            stringBuffer.append("  Extended Key Usage: " + x509CertSelector.getExtendedKeyUsage().toString() + "\n");
        }
        if (x509CertSelector.getPolicy() != null) {
            stringBuffer.append("  Policy: " + x509CertSelector.getPolicy().toString() + "\n");
        }
        if (x509CertSelector.getPathToNames() != null) {
            stringBuffer.append("  Path to names:\n");
            Iterator<List<?>> it = x509CertSelector.getPathToNames().iterator();
            while (it.hasNext()) {
                stringBuffer.append("    " + it.next() + "\n");
            }
        }
        stringBuffer.append("]");
        return stringBuffer.toString();
    }

    private static String keyUsageToString(boolean[] zArr) {
        String str;
        str = "KeyUsage [\n";
        try {
            str = zArr[0] ? str + "  DigitalSignature\n" : "KeyUsage [\n";
            if (zArr[1]) {
                str = str + "  Non_repudiation\n";
            }
            if (zArr[2]) {
                str = str + "  Key_Encipherment\n";
            }
            if (zArr[3]) {
                str = str + "  Data_Encipherment\n";
            }
            if (zArr[4]) {
                str = str + "  Key_Agreement\n";
            }
            if (zArr[5]) {
                str = str + "  Key_CertSign\n";
            }
            if (zArr[6]) {
                str = str + "  Crl_Sign\n";
            }
            if (zArr[7]) {
                str = str + "  Encipher_Only\n";
            }
            if (zArr[8]) {
                str = str + "  Decipher_Only\n";
            }
        } catch (ArrayIndexOutOfBoundsException e) {
        }
        return str + "]\n";
    }
}
