package de.adorsys.psd2.validator.certificate.util;

import com.nimbusds.jose.util.X509CertUtils;
import de.adorsys.psd2.validator.certificate.CertificateErrorMsgCode;
import de.adorsys.psd2.validator.common.PSD2QCStatement;
import de.adorsys.psd2.validator.common.PSD2QCType;
import de.adorsys.psd2.validator.common.RoleOfPSP;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import no.difi.certvalidator.api.CertificateValidationException;
import org.apache.commons.lang3.ArrayUtils;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x500.style.IETFUtils;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/psd2-validator-1.12.jar:de/adorsys/psd2/validator/certificate/util/CertificateExtractorUtil.class */
public class CertificateExtractorUtil {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) CertificateExtractorUtil.class);

    private CertificateExtractorUtil() {
    }

    public static TppCertificateData extract(String str) throws CertificateValidationException {
        X509Certificate parse = X509CertUtils.parse(str);
        if (parse == null) {
            log.debug("Error reading certificate ");
            throw new CertificateValidationException(CertificateErrorMsgCode.CERTIFICATE_INVALID.toString());
        }
        ArrayList arrayList = new ArrayList();
        TppCertificateData tppCertificateData = new TppCertificateData();
        PSD2QCType psd2QCType = PSD2QCStatement.psd2QCType(parse);
        for (RoleOfPSP roleOfPSP : psd2QCType.getRolesOfPSP().getRoles()) {
            arrayList.add(TppRole.valueOf(roleOfPSP.getNormalizedRoleName()));
        }
        tppCertificateData.setPspRoles(arrayList);
        tppCertificateData.setPspAuthorityName(psd2QCType.getnCAName().getString());
        tppCertificateData.setPspAuthorityId(psd2QCType.getnCAId().getString());
        try {
            X500Name subject = new JcaX509CertificateHolder(parse).getSubject();
            tppCertificateData.setPspAuthorisationNumber(getValueFromX500Name(subject, BCStyle.ORGANIZATION_IDENTIFIER));
            tppCertificateData.setOrganisation(getValueFromX500Name(subject, BCStyle.O));
            tppCertificateData.setOrganisationUnit(getValueFromX500Name(subject, BCStyle.OU));
            tppCertificateData.setCity(getValueFromX500Name(subject, BCStyle.L));
            tppCertificateData.setState(getValueFromX500Name(subject, BCStyle.ST));
            tppCertificateData.setCountry(getValueFromX500Name(subject, BCStyle.C));
            tppCertificateData.setName(getValueFromX500Name(subject, BCStyle.CN));
            return tppCertificateData;
        } catch (CertificateEncodingException e) {
            log.debug(e.getMessage());
            throw new CertificateValidationException(CertificateErrorMsgCode.CERTIFICATE_INVALID.toString());
        }
    }

    private static String getValueFromX500Name(X500Name x500Name, ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        if (ArrayUtils.contains(x500Name.getAttributeTypes(), aSN1ObjectIdentifier)) {
            return IETFUtils.valueToString(x500Name.getRDNs(aSN1ObjectIdentifier)[0].getFirst().getValue());
        }
        return null;
    }
}
