package iaik.pki.store.certstore.selector;

import iaik.asn1.structures.Name;
import iaik.logging.Log;
import iaik.logging.LogFactory;
import iaik.logging.TransactionId;
import iaik.pki.store.certstore.CertStoreException;
import iaik.pki.store.certstore.selector.email.EmailCertSelector;
import iaik.pki.store.certstore.selector.is.IssuerSerialCertSelector;
import iaik.pki.store.certstore.selector.kv.KeyValueCertSelector;
import iaik.pki.store.certstore.selector.sdn.SubjectDNCertSelector;
import iaik.pki.store.certstore.selector.ski.SubjectKeyIdentifierCertSelector;
import iaik.pki.utils.Constants;
import iaik.pki.utils.NameUtils;
import iaik.pki.utils.UtilsException;
import iaik.x509.X509Certificate;
import iaik.x509.X509ExtensionInitException;
import iaik.x509.extensions.SubjectKeyIdentifier;
import java.math.BigInteger;
import java.security.PublicKey;
import java.util.Arrays;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_pki-2.00-MOA-MOCCA.jar:iaik/pki/store/certstore/selector/X509CertSelector.class */
public class X509CertSelector implements CertSelector, SubjectDNCertSelector, IssuerSerialCertSelector, KeyValueCertSelector, SubjectKeyIdentifierCertSelector, EmailCertSelector {
    protected static Log log_ = LogFactory.getLog(Constants.MODULE_NAME);
    protected Name issuerDN_ = null;
    protected String normalizedIssuer_ = null;
    protected Name subjectDN_ = null;
    protected String normalizedSubject_ = null;
    protected BigInteger serialNumber_ = null;
    protected String emailAddress_ = null;
    protected SubjectKeyIdentifier subjectKeyIdentifier_ = null;
    protected PublicKey publicKey_ = null;
    protected String keyName_ = null;

    @Override // iaik.pki.store.certstore.selector.CertSelector
    public boolean matches(X509Certificate x509Certificate, TransactionId transactionId) throws CertStoreException {
        boolean z = true;
        if (this.normalizedSubject_ != null) {
            z = false;
            try {
                String normalizedName = NameUtils.getNormalizedName((Name) x509Certificate.getSubjectDN());
                if (!normalizedName.equals(this.normalizedSubject_)) {
                    log_.debug(transactionId, "SubjectDN of selected certificate (" + normalizedName + ") does not match the SubjectDN (" + this.normalizedSubject_ + ") searched for.", null);
                    return false;
                }
            } catch (UtilsException e) {
                throw new CertStoreException("Error normalizing subjectDN: \"" + ((Name) x509Certificate.getSubjectDN()).getName() + "\".", null, getClass().getName() + ":1");
            }
        }
        if (this.normalizedIssuer_ != null) {
            z = false;
            try {
                String normalizedName2 = NameUtils.getNormalizedName((Name) x509Certificate.getIssuerDN());
                if (!normalizedName2.equals(this.normalizedIssuer_)) {
                    log_.debug(transactionId, "IssuerDN of selected certificate (" + normalizedName2 + ") does not match the IssuerDN (" + this.normalizedIssuer_ + ") searched for.", null);
                    return false;
                }
            } catch (UtilsException e2) {
                throw new CertStoreException("Error normalizing issuerDN: \"" + ((Name) x509Certificate.getIssuerDN()).getName() + "\".", null, getClass().getName() + ":1");
            }
        }
        if (this.serialNumber_ != null) {
            z = false;
            if (!this.serialNumber_.equals(x509Certificate.getSerialNumber())) {
                log_.debug(transactionId, "Serial number of selected certificate (" + x509Certificate.getSerialNumber() + ") does not match the serial number (" + this.serialNumber_ + ") searched for.", null);
                return false;
            }
        }
        if (this.publicKey_ != null) {
            z = false;
            if (!Arrays.equals(this.publicKey_.getEncoded(), x509Certificate.getPublicKey().getEncoded())) {
                log_.debug(transactionId, "Public key of selected certificate does not match the public key searched for.", null);
                return false;
            }
        }
        if (this.subjectKeyIdentifier_ != null) {
            z = false;
            try {
                SubjectKeyIdentifier subjectKeyIdentifier = (SubjectKeyIdentifier) x509Certificate.getExtension(SubjectKeyIdentifier.oid);
                if (subjectKeyIdentifier == null) {
                    log_.debug(transactionId, "No SubjectKeyIdentifier extension included in certificate \"" + x509Certificate.getSubjectDN() + "\", serial number: \"" + x509Certificate.getSerialNumber() + "\"", null);
                    return false;
                }
                if (!Arrays.equals(this.subjectKeyIdentifier_.get(), subjectKeyIdentifier.get())) {
                    log_.debug(transactionId, "SubjectKeyIdentifier of selected certificate does not match the SubjectKeyIdentifier searched for.", null);
                    return false;
                }
            } catch (X509ExtensionInitException e3) {
                throw new CertStoreException("Error getting SubjectKeyIdentifier of certificate (subjectDN: \"" + x509Certificate.getSubjectDN() + "\", serial number: \"" + x509Certificate.getSerialNumber() + "\").", e3, getClass().getName() + ":3");
            }
        }
        if (this.emailAddress_ != null) {
            z = false;
            boolean z2 = false;
            String[] emailAddresses = x509Certificate.getEmailAddresses();
            int i = 0;
            while (true) {
                if (i >= emailAddresses.length) {
                    break;
                }
                if (emailAddresses[i].equalsIgnoreCase(this.emailAddress_)) {
                    z2 = true;
                    break;
                }
                i++;
            }
            if (!z2) {
                log_.debug(transactionId, "None of the email addresses included in the selected matches the email address (" + this.emailAddress_ + ") searched for.", null);
                return false;
            }
        }
        if (!z) {
            return true;
        }
        log_.info(transactionId, "Selected certificate matches because no search criteria set.", null);
        return true;
    }

    public void setSubjectDN(X509Certificate x509Certificate) throws CertStoreException {
        if (x509Certificate == null) {
            throw new NullPointerException("Argument \"certificate\" must not be null.");
        }
        this.subjectDN_ = (Name) x509Certificate.getSubjectDN();
        try {
            this.normalizedSubject_ = NameUtils.getNormalizedName(this.subjectDN_);
        } catch (UtilsException e) {
            throw new CertStoreException("Error normalizing subjectDN: \"" + ((Name) x509Certificate.getSubjectDN()).getName() + "\".", null, getClass().getName() + ":1");
        }
    }

    public void setSubjectDN(Name name) throws CertStoreException {
        if (name == null) {
            throw new NullPointerException("Argument \"subjectDN\" must not be null.");
        }
        this.subjectDN_ = name;
        try {
            this.normalizedSubject_ = NameUtils.getNormalizedName(name);
        } catch (UtilsException e) {
            throw new CertStoreException("Error parsing subjectDN.", null, getClass().getName() + ":1");
        }
    }

    public void setSubjectDN(String str) throws CertStoreException {
        if (str == null) {
            throw new NullPointerException("Argument \"subjectDN\" must not be null.");
        }
        try {
            this.subjectDN_ = NameUtils.getName(str);
            this.normalizedSubject_ = NameUtils.getNormalizedName(this.subjectDN_);
        } catch (UtilsException e) {
            throw new CertStoreException("Error normalizing subject (" + str + ").", null, getClass().getName() + ":2");
        }
    }

    public void setIssuerDN(X509Certificate x509Certificate) throws CertStoreException {
        if (x509Certificate == null) {
            throw new NullPointerException("Argument \"certificate\" must not be null.");
        }
        this.issuerDN_ = (Name) x509Certificate.getIssuerDN();
        try {
            this.normalizedIssuer_ = NameUtils.getNormalizedName(this.issuerDN_);
        } catch (UtilsException e) {
            throw new CertStoreException("Error normalizing IssuerDN: " + this.issuerDN_.getName() + ".", null, getClass().getName() + ":3");
        }
    }

    public void setIssuerDN(Name name) throws CertStoreException {
        if (name == null) {
            throw new NullPointerException("Argument \"issuerDN\" must not be null.");
        }
        this.issuerDN_ = name;
        try {
            this.normalizedIssuer_ = NameUtils.getNormalizedName(name);
        } catch (UtilsException e) {
            throw new CertStoreException("Error normaliting IssuerDN: " + name.getName() + ".", null, getClass().getName() + ":4");
        }
    }

    public void setIssuerDN(String str) throws CertStoreException {
        if (str == null) {
            throw new NullPointerException("Argument \"issuerDN\" must not be null.");
        }
        try {
            this.normalizedIssuer_ = NameUtils.getNormalizedName(str);
        } catch (UtilsException e) {
            throw new CertStoreException("Error normalizing IssuerDN: " + str + ".", null, getClass().getName() + ":5");
        }
    }

    public void setSerialNumber(BigInteger bigInteger) {
        this.serialNumber_ = bigInteger;
    }

    public void setPublicKey(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            throw new NullPointerException("Argument \"certificate\" must not be null.");
        }
        this.publicKey_ = x509Certificate.getPublicKey();
    }

    public void setPublicKey(PublicKey publicKey) {
        if (publicKey == null) {
            throw new NullPointerException("Argument \"publicKey\" must not be null.");
        }
        this.publicKey_ = publicKey;
    }

    public void setSubjectKeyIdentifier(X509Certificate x509Certificate) throws CertStoreException {
        if (x509Certificate == null) {
            throw new NullPointerException("Argument \"cert\" must not be null.");
        }
        try {
            SubjectKeyIdentifier subjectKeyIdentifier = (SubjectKeyIdentifier) x509Certificate.getExtension(SubjectKeyIdentifier.oid);
            if (subjectKeyIdentifier == null) {
                throw new CertStoreException("Could not get SubjectKeyIdentifier from certificate (subjectDN: \"" + x509Certificate.getSubjectDN() + "\", serial number: \"" + x509Certificate.getSerialNumber() + "\"). No SubjectKeyIdentifier extension included.", null, getClass().getName() + ":6");
            }
            this.subjectKeyIdentifier_ = subjectKeyIdentifier;
        } catch (X509ExtensionInitException e) {
            throw new CertStoreException("Error getting SubjectKeyIdentifier of certificate (subjectDN: \"" + x509Certificate.getSubjectDN() + "\", serial number: \"" + x509Certificate.getSerialNumber() + "\").", e, getClass().getName() + ":2");
        }
    }

    public void setSubjectKeyIdentifier(SubjectKeyIdentifier subjectKeyIdentifier) {
        if (subjectKeyIdentifier == null) {
            throw new NullPointerException("Argument \"subjectKeyIdentifier\" must not be null.");
        }
        this.subjectKeyIdentifier_ = subjectKeyIdentifier;
    }

    public void setEmailAddress(String str) {
        this.emailAddress_ = str;
    }

    @Override // iaik.pki.store.certstore.selector.sdn.SubjectDNCertSelector
    public Name getSubjectDN() {
        return this.subjectDN_;
    }

    @Override // iaik.pki.store.certstore.selector.sdn.SubjectDNCertSelector
    public String getNormalizedSubjectDN() {
        return this.normalizedSubject_;
    }

    @Override // iaik.pki.store.certstore.selector.is.IssuerSerialCertSelector
    public String getNormalizedIssuer() {
        return this.normalizedIssuer_;
    }

    @Override // iaik.pki.store.certstore.selector.is.IssuerSerialCertSelector
    public BigInteger getSerialNumber() {
        return this.serialNumber_;
    }

    @Override // iaik.pki.store.certstore.selector.kv.KeyValueCertSelector
    public PublicKey getPublicKey() {
        return this.publicKey_;
    }

    @Override // iaik.pki.store.certstore.selector.ski.SubjectKeyIdentifierCertSelector
    public SubjectKeyIdentifier getSubjectKeyIdentifier() {
        return this.subjectKeyIdentifier_;
    }

    @Override // iaik.pki.store.certstore.selector.email.EmailCertSelector
    public String getEmailAddress() {
        return this.emailAddress_;
    }
}
