package com.unbound.provider;

import com.unbound.common.Log;
import com.unbound.common.crypto.X509;
import com.unbound.provider.kmip.KMIP;
import com.unbound.provider.kmip.attribute.BytesAttribute;
import com.unbound.provider.kmip.attribute.DateAttribute;
import com.unbound.provider.kmip.attribute.Link;
import com.unbound.provider.kmip.attribute.Name;
import com.unbound.provider.kmip.attribute.TemplateAttribute;
import com.unbound.provider.kmip.object.Certificate;
import com.unbound.provider.kmip.request.ActivateRequest;
import com.unbound.provider.kmip.request.GetAttributesRequest;
import com.unbound.provider.kmip.request.LocateRequest;
import com.unbound.provider.kmip.request.RegisterRequest;
import com.unbound.provider.kmip.request.RequestMessage;
import com.unbound.provider.kmip.response.GetAttributesResponse;
import com.unbound.provider.kmip.response.GetResponse;
import com.unbound.provider.kmip.response.RegisterResponse;
import com.unbound.provider.kmip.response.ResponseMessage;
import java.io.IOException;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import javax.security.auth.x500.X500Principal;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/unbound/provider/UBCertificate.class */
public class UBCertificate extends UBObject {
    X509Certificate x509;

    /* JADX INFO: Access modifiers changed from: package-private */
    public UBCertificate(Partition partition, long j, GetAttributesResponse getAttributesResponse, GetResponse getResponse) throws CertificateException {
        super(partition, j, getAttributesResponse);
        Log end = Log.func("UBCertificate").logHex("uid", j).end();
        try {
            try {
                this.x509 = X509.get(((Certificate) getResponse.object).value);
                end.leave();
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            end.leave();
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public UBCertificate(Partition partition, String str, X509Certificate x509Certificate) throws IOException, CertificateEncodingException {
        super(partition);
        RequestMessage requestMessage = new RequestMessage();
        RegisterRequest registerRequest = new RegisterRequest();
        requestMessage.batch.add(registerRequest);
        registerRequest.objectType = 1;
        if (str != null) {
            registerRequest.template = new TemplateAttribute();
            registerRequest.template.attrs.add(new Name(str));
        }
        Certificate certificate = new Certificate();
        certificate.type = 1;
        certificate.value = x509Certificate.getEncoded();
        registerRequest.object = certificate;
        requestMessage.batch.add(new ActivateRequest());
        GetAttributesRequest getAttributesRequest = new GetAttributesRequest();
        requestMessage.batch.add(getAttributesRequest);
        getAttributesRequest.names.add("Name");
        getAttributesRequest.names.add("Initial Date");
        ResponseMessage transmit = partition.transmit(requestMessage);
        RegisterResponse registerResponse = (RegisterResponse) transmit.batch.get(0);
        GetAttributesResponse getAttributesResponse = (GetAttributesResponse) transmit.batch.get(2);
        this.uid = strToUid(registerResponse.uid);
        this.name = ((Name) getAttributesResponse.attrs.get(0)).value;
        this.initialDate = ((DateAttribute) getAttributesResponse.attrs.get(1)).value;
        this.x509 = x509Certificate;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean match(PublicKey publicKey) {
        return this.x509.getPublicKey().equals(publicKey);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static UBCertificate locate(Partition partition, String str) throws CertificateException, InvalidKeySpecException, IOException {
        long j = 0;
        Log end = Log.func("UBCertificate.locate").log("alias", str).end();
        try {
            try {
                j = partition.locate(1, 0, str);
                if (j == 0) {
                    end.leavePrint().logHex("uid", j).end();
                    return null;
                }
                UBCertificate uBCertificate = (UBCertificate) UBObject.read(partition, j);
                end.leavePrint().logHex("uid", j).end();
                return uBCertificate;
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            end.leavePrint().logHex("uid", j).end();
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static UBCertificate locate(Partition partition, X509Certificate x509Certificate) throws CertificateException, InvalidKeySpecException, IOException {
        long j = 0;
        Log end = Log.func("UBCertificate.locateByValue").end();
        try {
            try {
                LocateRequest locateRequest = locateRequest(1, 0, null);
                locateRequest.attrs.add(new BytesAttribute(KMIP.Tag.CKA_VALUE, x509Certificate.getEncoded()));
                j = partition.locate(locateRequest);
                if (j == 0) {
                    end.leavePrint().logHex("uid", j).end();
                    return null;
                }
                UBCertificate uBCertificate = (UBCertificate) UBObject.read(partition, j);
                end.leavePrint().logHex("uid", j).end();
                return uBCertificate;
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            end.leavePrint().logHex("uid", j).end();
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static UBCertificate locateByKeyUid(Partition partition, long j) throws CertificateException, InvalidKeySpecException, IOException {
        long j2 = 0;
        Log end = Log.func("UBCertificate.locateByKeyUid").logHex("keyUid", j).end();
        try {
            try {
                LocateRequest locateRequest = locateRequest(1, 0, null);
                locateRequest.attrs.add(new Link(259, uidToStr(j)));
                j2 = partition.locate(locateRequest);
                if (j2 == 0) {
                    end.leavePrint().logHex("uid", j2).end();
                    return null;
                }
                UBCertificate uBCertificate = (UBCertificate) UBObject.read(partition, j2);
                end.leavePrint().logHex("uid", j2).end();
                return uBCertificate;
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            end.leavePrint().logHex("uid", j2).end();
            throw th;
        }
    }

    private static UBCertificate findBySubject(X500Principal x500Principal, UBObject[] uBObjectArr) {
        for (UBObject uBObject : uBObjectArr) {
            if (uBObject != null) {
                UBCertificate uBCertificate = (UBCertificate) uBObject;
                if (x500Principal.equals(uBCertificate.x509.getSubjectX500Principal())) {
                    return uBCertificate;
                }
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public java.security.cert.Certificate[] getChain(UBObject[] uBObjectArr) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.x509);
        UBCertificate uBCertificate = this;
        X500Principal subjectX500Principal = this.x509.getSubjectX500Principal();
        while (true) {
            X500Principal issuerX500Principal = uBCertificate.x509.getIssuerX500Principal();
            if (subjectX500Principal.equals(issuerX500Principal)) {
                break;
            }
            uBCertificate = findBySubject(issuerX500Principal, uBObjectArr);
            if (uBCertificate == null) {
                break;
            }
            arrayList.add(uBCertificate.x509);
        }
        return (java.security.cert.Certificate[]) arrayList.toArray(new X509Certificate[0]);
    }

    private static UBCertificate findBySubject(Partition partition, X500Principal x500Principal) throws CertificateException, InvalidKeySpecException, IOException {
        LocateRequest locateRequest = locateRequest(1, 0, null);
        locateRequest.attrs.add(new BytesAttribute(KMIP.Tag.CKA_SUBJECT, x500Principal.getEncoded()));
        long locate = partition.locate(locateRequest);
        if (locate == 0) {
            return null;
        }
        return (UBCertificate) UBObject.read(partition, locate);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public java.security.cert.Certificate[] getChain() throws CertificateException, InvalidKeySpecException, IOException {
        ArrayList arrayList = new ArrayList();
        Log end = Log.func("UBCertificate.getChain").logHex("uid", this.uid).end();
        try {
            try {
                arrayList.add(this.x509);
                UBCertificate uBCertificate = this;
                X500Principal subjectX500Principal = this.x509.getSubjectX500Principal();
                while (true) {
                    X500Principal issuerX500Principal = uBCertificate.x509.getIssuerX500Principal();
                    if (subjectX500Principal.equals(issuerX500Principal)) {
                        break;
                    }
                    uBCertificate = findBySubject(this.partition, issuerX500Principal);
                    if (uBCertificate == null) {
                        break;
                    }
                    arrayList.add(uBCertificate.x509);
                }
                java.security.cert.Certificate[] certificateArr = (java.security.cert.Certificate[]) arrayList.toArray(new X509Certificate[0]);
                end.leave();
                return certificateArr;
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            end.leave();
            throw th;
        }
    }

    @Override // com.unbound.provider.UBObject
    int objectType() {
        return 1;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static long getKeyUid(X509Certificate x509Certificate) {
        PublicKey publicKey = x509Certificate.getPublicKey();
        if (publicKey instanceof RSAPublicKey) {
            return UBRSAPrivateKey.getKeyUid((RSAPublicKey) publicKey);
        }
        if (publicKey instanceof ECPublicKey) {
            return UBECPrivateKey.getKeyUid((ECPublicKey) publicKey);
        }
        throw new ProviderException("Unsupported certificate type");
    }
}
