package com.codeloom.cert.xscript;

import com.codeloom.cert.CertificateContent;
import com.codeloom.cert.bc.KeyPurposeIdTools;
import com.codeloom.cert.bc.builder.AddKeyUsage;
import com.codeloom.settings.Properties;
import com.codeloom.settings.PropertiesConstants;
import com.codeloom.util.Constants;
import com.codeloom.util.TypeTools;
import com.codeloom.xscript.ExecuteWatcher;
import com.codeloom.xscript.Logiclet;
import com.codeloom.xscript.LogicletContext;
import com.codeloom.xscript.annotation.AsLogiclet;
import com.codeloom.xscript.dom.XsArray;
import com.codeloom.xscript.dom.XsObject;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.lang3.StringUtils;

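/**
 * Logiclet (tag {@code cert-get-all}) that copies the fields of an X.509 certificate into an
 * {@link XsObject} tree: basic information, key usage, extended key usage, issuer, subject and
 * public key.
 *
 * <p>This class only reads and reports certificate fields. Nothing in it verifies the signature,
 * the validity period or the issuing chain, so the produced document describes what the
 * certificate claims; it is not evidence that the certificate is trusted.
 */
@AsLogiclet(tag = "cert-get-all")
public class GetCertAll extends CertificateOperation {
    /** Raw (untransformed) name of the child node to write into; empty means "write in place". */
    protected String $tag;

    /** GeneralName type labels, indexed by the integer tag of the alternative-name entry. */
    protected static final String[] sanTypes = {"otherName", "rfc822Name", "dNSName", "x400Address", "directoryName", "ediPartyName", "uniformResourceIdentifier", "iPAddress", "registeredID"};

    public GetCertAll(String str, Logiclet logiclet) {
        super(str, logiclet);
    }

    /**
     * Reads the {@code tag} attribute in raw form; it is transformed against the execution
     * context later, in {@link #onExecute}.
     */
    @Override
    public void configure(Properties properties) {
        super.configure(properties);
        this.$tag = PropertiesConstants.getRaw(properties, Constants.ATTR_TAG, "");
    }

    /**
     * Writes type, serial number, version, signature algorithm, validity bounds (epoch
     * milliseconds), the CA flag and, when present, the signature parameters and signature bytes.
     *
     * @param xsObject node that receives the properties
     * @param x509Certificate certificate to read
     */
    protected void writeBasicInfo(XsObject xsObject, X509Certificate x509Certificate) {
        xsObject.addProperty("type", x509Certificate.getType());
        // NOTE(review): longValue() keeps only the low-order 64 bits of the serial number.
        // RFC 5280 allows serials of up to 20 octets, so long serials are reported truncated
        // (possibly negative) and two different certificates can yield the same "sn". Do not
        // match this value against revocation data or use it as a unique key. It is kept as a
        // long here because existing consumers may rely on the numeric type.
        xsObject.addProperty("sn", Long.valueOf(x509Certificate.getSerialNumber().longValue()));
        xsObject.addProperty("version", Integer.valueOf(x509Certificate.getVersion()));
        xsObject.addProperty("signAlgorithm", x509Certificate.getSigAlgName());
        xsObject.addProperty("signAlgorithmOID", x509Certificate.getSigAlgOID());
        xsObject.addProperty("notBefore", Long.valueOf(x509Certificate.getNotBefore().getTime()));
        xsObject.addProperty("notAfter", Long.valueOf(x509Certificate.getNotAfter().getTime()));
        // getBasicConstraints() returns -1 for a non-CA certificate and the path length
        // constraint (>= 0) for a CA certificate.
        xsObject.addProperty("ca", x509Certificate.getBasicConstraints() >= 0);
        byte[] sigAlgParams = x509Certificate.getSigAlgParams();
        if (sigAlgParams != null) {
            xsObject.addProperty("signAlgorithmPara", TypeTools.byte2string(sigAlgParams, true, true));
        }
        byte[] signature = x509Certificate.getSignature();
        if (signature != null) {
            xsObject.addProperty("signature", TypeTools.byte2string(signature, true, true));
        }
    }

    /**
     * Writes the nine KeyUsage bits under the {@code usage} child. Nothing is written when the
     * certificate has no KeyUsage extension.
     *
     * @param xsObject node that receives the {@code usage} child
     * @param x509Certificate certificate to read
     */
    protected void writeBaseUsage(XsObject xsObject, X509Certificate x509Certificate) {
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        if (keyUsage == null || keyUsage.length < 9) {
            return;
        }
        XsObject usageNode = xsObject.getObjectChild("usage", true);
        // Bit 0 of KeyUsage is digitalSignature; AddKeyUsage.DEFAULT presumably resolves to that
        // name -- confirm against AddKeyUsage.
        usageNode.addProperty(AddKeyUsage.DEFAULT, keyUsage[0]);
        usageNode.addProperty("nonRepudiation", keyUsage[1]);
        usageNode.addProperty("keyEncipherment", keyUsage[2]);
        usageNode.addProperty("dataEncipherment", keyUsage[3]);
        usageNode.addProperty("keyAgreement", keyUsage[4]);
        usageNode.addProperty("keyCertSign", keyUsage[5]);
        usageNode.addProperty("cRLSign", keyUsage[6]);
        usageNode.addProperty("encipherOnly", keyUsage[7]);
        usageNode.addProperty("decipherOnly", keyUsage[8]);
    }

    /**
     * Writes one {@code true} property per extended key usage under the {@code usage-ext} child.
     * OIDs for which {@link KeyPurposeIdTools#getName} returns an empty name are skipped, so the
     * output is not a complete list of the purposes the certificate asserts.
     *
     * @param xsObject node that receives the {@code usage-ext} child
     * @param x509Certificate certificate to read
     */
    protected void writeExtendedUsage(XsObject xsObject, X509Certificate x509Certificate) {
        try {
            List<String> purposeOids = x509Certificate.getExtendedKeyUsage();
            XsObject usageNode = xsObject.getObjectChild("usage-ext", true);
            if (purposeOids == null) {
                // No ExtendedKeyUsage extension: leave the (empty) child in place, as before,
                // without relying on a swallowed NullPointerException.
                return;
            }
            for (String oid : purposeOids) {
                String name = KeyPurposeIdTools.getName(oid);
                if (StringUtils.isNotEmpty(name)) {
                    usageNode.addProperty(name, true);
                }
            }
        } catch (Exception ignored) {
            // Best-effort: an extension that cannot be decoded leaves the output without
            // (or with partial) usage-ext data instead of failing the whole logiclet.
        }
    }

    /**
     * Writes the issuer DN (raw RFC 2253 string plus one property per RDN) and the issuer
     * alternative names under the {@code issuer} child.
     *
     * @param xsObject node that receives the {@code issuer} child
     * @param x509Certificate certificate to read
     */
    protected void writeIssuer(XsObject xsObject, X509Certificate x509Certificate) {
        X500Principal issuer = x509Certificate.getIssuerX500Principal();
        if (issuer == null) {
            return;
        }
        XsObject issuerNode = xsObject.getObjectChild("issuer", true);
        writeDistinguishedName(issuerNode, issuer);
        try {
            writeAlternativeNames(issuerNode, x509Certificate.getIssuerAlternativeNames());
        } catch (Exception ignored) {
            // Best-effort: an undecodable IssuerAltName extension is omitted from the output.
        }
    }

    /**
     * Writes the subject DN (raw RFC 2253 string plus one property per RDN) and the subject
     * alternative names under the {@code subject} child.
     *
     * @param xsObject node that receives the {@code subject} child
     * @param x509Certificate certificate to read
     */
    protected void writeSubject(XsObject xsObject, X509Certificate x509Certificate) {
        X500Principal subject = x509Certificate.getSubjectX500Principal();
        if (subject == null) {
            return;
        }
        XsObject subjectNode = xsObject.getObjectChild("subject", true);
        writeDistinguishedName(subjectNode, subject);
        try {
            writeAlternativeNames(subjectNode, x509Certificate.getSubjectAlternativeNames());
        } catch (Exception ignored) {
            // Best-effort: an undecodable SubjectAltName extension is omitted from the output.
        }
    }

    /**
     * Writes the encoded public key with its algorithm and format under the {@code public} child.
     *
     * @param xsObject node that receives the {@code public} child
     * @param x509Certificate certificate to read
     */
    protected void writePublicKey(XsObject xsObject, X509Certificate x509Certificate) {
        PublicKey publicKey = x509Certificate.getPublicKey();
        if (publicKey == null) {
            return;
        }
        XsObject keyNode = xsObject.getObjectChild("public", true);
        keyNode.addProperty("algorithm", publicKey.getAlgorithm());
        keyNode.addProperty("format", publicKey.getFormat());
        keyNode.addProperty("content", TypeTools.byte2string(publicKey.getEncoded(), true, true));
    }

    /**
     * Resolves the target node (the child named by the transformed {@code tag}, or
     * {@code xsObject2} itself when the tag is empty) and writes every certificate section into
     * it. Does nothing when the content carries no certificate.
     */
    @Override
    protected void onExecute(CertificateContent certificateContent, XsObject xsObject, XsObject xsObject2, LogicletContext logicletContext, ExecuteWatcher executeWatcher) {
        String childName = PropertiesConstants.transform(logicletContext, this.$tag, "");
        XsObject target = StringUtils.isNotEmpty(childName) ? xsObject2.getObjectChild(childName, true) : xsObject2;
        X509Certificate certificate = certificateContent.getCertificate();
        if (certificate == null) {
            return;
        }
        writeBasicInfo(target, certificate);
        writeBaseUsage(target, certificate);
        writeExtendedUsage(target, certificate);
        writeIssuer(target, certificate);
        writeSubject(target, certificate);
        writePublicKey(target, certificate);
    }

    /**
     * Maps the integer tag of an alternative-name entry to its GeneralName label.
     *
     * <p>NOTE(review): a value that is not a number, or is outside 0..8, is reported as
     * {@code "otherName"} (index 0) rather than rejected, so that label does not prove the entry
     * really was an otherName.
     *
     * @param str decimal type tag, as produced by {@code toString()} on the entry's first element
     * @return the label from {@link #sanTypes}
     */
    public static String getSanTypeName(String str) {
        int index;
        try {
            index = Integer.parseInt(str);
        } catch (NumberFormatException ignored) {
            // Unparseable (including null) input falls back to index 0.
            index = 0;
        }
        if (index < 0 || index >= sanTypes.length) {
            index = 0;
        }
        return sanTypes[index];
    }

    /** Writes the raw RFC 2253 name and, best-effort, one property per RDN into {@code node}. */
    private static void writeDistinguishedName(XsObject node, X500Principal principal) {
        String dn = principal.getName("RFC2253");
        node.addProperty("raw", dn);
        try {
            for (Rdn rdn : new LdapName(dn).getRdns()) {
                node.addProperty(rdn.getType(), rdn.getValue().toString());
            }
        } catch (Exception ignored) {
            // A DN that LdapName cannot parse is still available through "raw". This is kept
            // separate from alternative-name handling so that a DN parse failure no longer
            // hides the SAN entries, which are usually the identity a relying party checks.
        }
    }

    /** Writes each two-element alternative-name entry as {type, value} into the {@code sans} array. */
    private static void writeAlternativeNames(XsObject node, Collection<List<?>> alternativeNames) {
        if (alternativeNames == null) {
            return;
        }
        XsArray sans = node.getArrayChild("sans", true);
        for (List<?> entry : alternativeNames) {
            if (entry.size() != 2) {
                continue;
            }
            XsObject item = sans.newObject();
            item.addProperty("type", getSanTypeName(entry.get(0).toString()));
            item.addProperty(Constants.ATTR_VALUE, sanValueToString(entry.get(1)));
            sans.add(item);
        }
    }

    /**
     * Renders an alternative-name value. The JDK returns otherName, x400Address and ediPartyName
     * values as DER byte arrays; calling {@code toString()} on those yields an identity string
     * such as {@code [B@1a2b3c}, so they are encoded the same way as the other binary fields.
     */
    private static String sanValueToString(Object value) {
        if (value instanceof byte[]) {
            return TypeTools.byte2string((byte[]) value, true, true);
        }
        return value.toString();
    }
}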
