package com.alogic.cert.xscript;

import com.alogic.cert.CertificateContent;
import com.alogic.cert.bc.KeyPurposeIdTools;
import com.alogic.cert.bc.builder.AddKeyUsage;
import com.alogic.xscript.ExecuteWatcher;
import com.alogic.xscript.Logiclet;
import com.alogic.xscript.LogicletContext;
import com.alogic.xscript.doc.XsArray;
import com.alogic.xscript.doc.XsObject;
import com.alogic.xscript.util.LogicletConstants;
import com.anysoft.util.Properties;
import com.anysoft.util.PropertiesConstants;
import com.anysoft.util.code.util.ByteUtil;
import java.security.PublicKey;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/alogic/cert/xscript/GetCertAll.class */
public class GetCertAll extends CertificateOperation {
    protected String $tag;
    protected static final String[] sanTypes = {"otherName", "rfc822Name", "dNSName", "x400Address", "directoryName", "ediPartyName", "uniformResourceIdentifier", "iPAddress", "registeredID"};

    public GetCertAll(String str, Logiclet logiclet) {
        super(str, logiclet);
    }

    @Override // com.alogic.cert.xscript.CertificateOperation, com.alogic.xscript.AbstractLogiclet, com.anysoft.util.Configurable
    public void configure(Properties properties) {
        super.configure(properties);
        this.$tag = PropertiesConstants.getRaw(properties, "tag", "");
    }

    @Override // com.alogic.cert.xscript.CertificateOperation
    protected void onExecute(CertificateContent certificateContent, XsObject xsObject, XsObject xsObject2, LogicletContext logicletContext, ExecuteWatcher executeWatcher) {
        XsObject xsObject3 = xsObject2;
        String transform = PropertiesConstants.transform(logicletContext, this.$tag, "");
        if (StringUtils.isNotEmpty(transform)) {
            xsObject3 = xsObject2.getObjectChild(transform, true);
        }
        X509Certificate certificate = certificateContent.getCertificate();
        if (certificate != null) {
            xsObject3.addProperty("type", certificate.getType());
            xsObject3.addProperty("sn", ByteUtil.byte2string(certificate.getSerialNumber().toByteArray(), true, true));
            xsObject3.addProperty("version", Integer.valueOf(certificate.getVersion()));
            xsObject3.addProperty("signAlgorithm", certificate.getSigAlgName());
            xsObject3.addProperty("signAlgorithmOID", certificate.getSigAlgOID());
            xsObject3.addProperty("notBefore", Long.valueOf(certificate.getNotBefore().getTime()));
            xsObject3.addProperty("notAfter", Long.valueOf(certificate.getNotAfter().getTime()));
            xsObject3.addProperty("ca", certificate.getBasicConstraints() >= 0);
            byte[] sigAlgParams = certificate.getSigAlgParams();
            if (sigAlgParams != null) {
                xsObject3.addProperty("signAlgorithmPara", ByteUtil.byte2string(sigAlgParams, true, true));
            }
            byte[] signature = certificate.getSignature();
            if (signature != null) {
                xsObject3.addProperty("signature", ByteUtil.byte2string(signature, true, true));
            }
            boolean[] keyUsage = certificate.getKeyUsage();
            if (keyUsage != null && keyUsage.length >= 9) {
                XsObject objectChild = xsObject2.getObjectChild("usage", true);
                objectChild.addProperty(AddKeyUsage.DEFAULT, keyUsage[0]);
                objectChild.addProperty("nonRepudiation", keyUsage[1]);
                objectChild.addProperty("keyEncipherment", keyUsage[2]);
                objectChild.addProperty("dataEncipherment", keyUsage[3]);
                objectChild.addProperty("keyAgreement", keyUsage[4]);
                objectChild.addProperty("keyCertSign", keyUsage[5]);
                objectChild.addProperty("cRLSign", keyUsage[6]);
                objectChild.addProperty("encipherOnly", keyUsage[7]);
                objectChild.addProperty("decipherOnly", keyUsage[8]);
            }
            try {
                List<String> extendedKeyUsage = certificate.getExtendedKeyUsage();
                XsObject objectChild2 = xsObject2.getObjectChild("usage-ext", true);
                Iterator<String> it = extendedKeyUsage.iterator();
                while (it.hasNext()) {
                    String name = KeyPurposeIdTools.getName(it.next());
                    if (StringUtils.isNotEmpty(name)) {
                        objectChild2.addProperty(name, true);
                    }
                }
            } catch (Exception e) {
            }
            X500Principal issuerX500Principal = certificate.getIssuerX500Principal();
            if (issuerX500Principal != null) {
                XsObject objectChild3 = xsObject3.getObjectChild("issuer", true);
                String name2 = issuerX500Principal.getName("RFC2253");
                objectChild3.addProperty("raw", name2);
                try {
                    for (Rdn rdn : new LdapName(name2).getRdns()) {
                        objectChild3.addProperty(rdn.getType(), rdn.getValue().toString());
                    }
                    Collection<List<?>> issuerAlternativeNames = certificate.getIssuerAlternativeNames();
                    if (issuerAlternativeNames != null) {
                        XsArray arrayChild = objectChild3.getArrayChild("sans", true);
                        for (List<?> list : issuerAlternativeNames) {
                            if (list.size() == 2) {
                                XsObject newObject = arrayChild.newObject();
                                newObject.addProperty("type", getSanTypeName(list.get(0).toString()));
                                newObject.addProperty("value", list.get(1).toString());
                                arrayChild.add(newObject);
                            }
                        }
                    }
                } catch (CertificateParsingException e2) {
                    log("subject alt names of x509 error.", LogicletConstants.LOG_ERROR);
                } catch (InvalidNameException e3) {
                    log("issuer name of x509 error.", LogicletConstants.LOG_ERROR);
                }
            }
            X500Principal subjectX500Principal = certificate.getSubjectX500Principal();
            if (subjectX500Principal != null) {
                XsObject objectChild4 = xsObject3.getObjectChild("subject", true);
                String name3 = subjectX500Principal.getName("RFC2253");
                objectChild4.addProperty("raw", name3);
                try {
                    for (Rdn rdn2 : new LdapName(name3).getRdns()) {
                        objectChild4.addProperty(rdn2.getType(), rdn2.getValue().toString());
                    }
                    Collection<List<?>> subjectAlternativeNames = certificate.getSubjectAlternativeNames();
                    if (subjectAlternativeNames != null) {
                        XsArray arrayChild2 = objectChild4.getArrayChild("sans", true);
                        for (List<?> list2 : subjectAlternativeNames) {
                            if (list2.size() == 2) {
                                XsObject newObject2 = arrayChild2.newObject();
                                newObject2.addProperty("type", getSanTypeName(list2.get(0).toString()));
                                newObject2.addProperty("value", list2.get(1).toString());
                                arrayChild2.add(newObject2);
                            }
                        }
                    }
                } catch (CertificateParsingException e4) {
                    log("subject alt names of x509 error.", LogicletConstants.LOG_ERROR);
                } catch (InvalidNameException e5) {
                    log("subject name of x509 error.", LogicletConstants.LOG_ERROR);
                }
            }
            PublicKey publicKey = certificate.getPublicKey();
            if (publicKey != null) {
                XsObject objectChild5 = xsObject3.getObjectChild("public", true);
                objectChild5.addProperty("algorithm", publicKey.getAlgorithm());
                objectChild5.addProperty("format", publicKey.getFormat());
                objectChild5.addProperty("content", ByteUtil.byte2string(publicKey.getEncoded(), true, true));
            }
        }
    }

    public static String getSanTypeName(String str) {
        int i = 0;
        try {
            i = Integer.parseInt(str);
        } catch (NumberFormatException e) {
        }
        if (i < 0 || i >= sanTypes.length) {
            i = 0;
        }
        return sanTypes[i];
    }
}
