package cn.com.infosec.netsign.base;

import cn.com.infosec.netsign.base.util.CertTrustException;
import cn.com.infosec.netsign.base.util.CertValidateException;
import cn.com.infosec.netsign.base.util.NetSignImpl;
import cn.com.infosec.netsign.base.util.Utils;
import cn.com.infosec.netsign.logger.ConsoleLogger;
import cn.com.infosec.oscca.sm2.SM2Certificate;
import cn.com.infosec.oscca.sm2.SM2PublicKey;
import java.security.Principal;
import java.security.PublicKey;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;

/* loaded from: input_file:cn/com/infosec/netsign/base/NetSignCertPath.class */
public class NetSignCertPath {
    private ArrayList path;

    public NetSignCertPath() {
        this.path = new ArrayList();
    }

    public NetSignCertPath(List list) {
        this.path = new ArrayList(list);
    }

    public int size() {
        return this.path.size();
    }

    public void add(NetSignX509Certificate netSignX509Certificate) {
        this.path.add(netSignX509Certificate);
    }

    public X509Certificate get(int i) {
        return ((NetSignX509Certificate) this.path.get(i)).getCert();
    }

    public void verify(PublicKey publicKey, boolean z) throws CertTrustException, CertValidateException {
        verify(publicKey, size() - 1, z);
    }

    private void verify(PublicKey publicKey, int i, boolean z) throws CertTrustException, CertValidateException {
        X509Certificate x509Certificate = get(i);
        if (z) {
            try {
                x509Certificate.checkValidity();
            } catch (Exception e) {
                throw new CertValidateException(new StringBuffer("cert ").append(x509Certificate.getSubjectDN().getName()).append(" not before:").append(x509Certificate.getNotBefore()).append(" not after:").append(x509Certificate.getNotAfter()).toString());
            }
        }
        try {
            if (publicKey != null) {
                if (publicKey instanceof SM2PublicKey) {
                    NetSignImpl.verifyCert(x509Certificate.getSigAlgOID(), x509Certificate.getTBSCertificate(), x509Certificate.getSignature(), (SM2PublicKey) publicKey, Utils.getOSCCApucID(1, null));
                } else {
                    x509Certificate.verify(publicKey, NetSignImpl.PROVIDER_INFOSEC);
                }
            } else {
                if (!x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN())) {
                    throw new CertTrustException(new StringBuffer(String.valueOf(x509Certificate.getSubjectDN().getName())).append(" can not be trusted").toString());
                }
                if (Utils.getCertType(x509Certificate) == 1) {
                    try {
                        NetSignImpl.verifyCert(x509Certificate.getSigAlgOID(), x509Certificate.getTBSCertificate(), x509Certificate.getSignature(), new SM2Certificate(x509Certificate, x509Certificate.getEncoded(), x509Certificate.getTBSCertificate()).getSM2PublicKey(), Utils.getOSCCApucID(1, null));
                    } catch (Exception e2) {
                        throw new CertTrustException(e2);
                    }
                } else {
                    x509Certificate.verify(x509Certificate.getPublicKey());
                }
            }
            int i2 = i - 1;
            if (i2 > -1) {
                PublicKey publicKey2 = null;
                if (Utils.getCertType(x509Certificate) == 1) {
                    try {
                        publicKey2 = new SM2Certificate(x509Certificate, x509Certificate.getEncoded(), x509Certificate.getTBSCertificate()).getPublicKey();
                    } catch (Exception e3) {
                        ConsoleLogger.logException(e3);
                    }
                } else {
                    publicKey2 = x509Certificate.getPublicKey();
                }
                verify(publicKey2, i2, z);
            }
        } catch (Exception e4) {
            throw new CertTrustException(new StringBuffer(String.valueOf(x509Certificate.getSubjectDN().getName())).append(" can not be trusted").toString());
        }
    }

    public NetSignCertPath subPath(X509Certificate x509Certificate) {
        int indexOf = this.path.indexOf(NetSignX509Certificate.getInstance(x509Certificate));
        if (indexOf > -1) {
            return new NetSignCertPath(this.path.subList(0, indexOf));
        }
        return null;
    }

    public NetSignCertPath subPath(int i, int i2) {
        return new NetSignCertPath(this.path.subList(i, i + i2));
    }

    public int indexOf(X509Certificate x509Certificate) {
        return this.path.indexOf(NetSignX509Certificate.getInstance(x509Certificate));
    }

    public int whoisChild(Principal principal) {
        int size = size();
        for (int i = 0; i < size; i++) {
            if (((NetSignX509Certificate) this.path.get(i)).getIssuerDN().equals(principal)) {
                return i;
            }
        }
        return -1;
    }

    public int[] mostCloseIssuer(String[] strArr, int i) {
        int size = size();
        for (int i2 = i; i2 < size; i2++) {
            String issuerDNStr = ((NetSignX509Certificate) this.path.get(i2)).getIssuerDNStr();
            int length = strArr.length;
            for (int i3 = 0; i3 < length; i3++) {
                if (issuerDNStr.equals(strArr[i3])) {
                    return new int[]{i3, i2};
                }
            }
        }
        return null;
    }

    public int whoisChild(String str) {
        int size = size();
        for (int i = 0; i < size; i++) {
            if (((NetSignX509Certificate) this.path.get(i)).getIssuerDNStr().equals(str)) {
                return i;
            }
        }
        return -1;
    }

    public void checkValidity() throws CertificateNotYetValidException, CertificateExpiredException {
        for (int size = size(); 0 < size; size--) {
            ((NetSignX509Certificate) this.path.get(size)).checkValidity();
        }
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("NetSignCertPath ");
        if (this.path != null) {
            stringBuffer.append(new StringBuffer("size:").append(this.path.size()).toString()).append("\n");
            int size = this.path.size();
            for (int i = 0; i < size; i++) {
                stringBuffer.append(new StringBuffer(String.valueOf(get(i).getSubjectDN().getName())).append("\n").toString());
            }
        }
        return stringBuffer.toString();
    }

    public boolean equals(Object obj) {
        if (obj == null || !(obj instanceof NetSignCertPath)) {
            return false;
        }
        NetSignCertPath netSignCertPath = (NetSignCertPath) obj;
        if (this == netSignCertPath) {
            return true;
        }
        if (size() != netSignCertPath.size()) {
            return false;
        }
        int size = size();
        for (int i = 0; i < size; i++) {
            if (!get(i).equals(netSignCertPath.get(i))) {
                return false;
            }
        }
        return true;
    }
}
