package org.glite.voms.ac;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.List;
import java.util.SimpleTimeZone;
import java.util.Vector;
import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Logger;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERGeneralizedTime;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.AttCertValidityPeriod;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.jce.X509Principal;
import org.glite.voms.PKIUtils;

/* loaded from: input_file:org/glite/voms/ac/AttributeCertificate.class */
public class AttributeCertificate implements ASN1Encodable {
    protected static Logger logger = Logger.getLogger(AttributeCertificate.class);
    AttributeCertificateInfo acInfo;
    AlgorithmIdentifier signatureAlgorithm;
    DERBitString signatureValue;
    ASN1Primitive signedObj;

    public AttributeCertificate(ASN1Sequence aSN1Sequence) throws IOException {
        this.signedObj = null;
        this.signedObj = aSN1Sequence.getObjectAt(0).toASN1Primitive();
        this.acInfo = new AttributeCertificateInfo(aSN1Sequence.getObjectAt(0));
        this.signatureAlgorithm = AlgorithmIdentifier.getInstance(aSN1Sequence.getObjectAt(1));
        this.signatureValue = aSN1Sequence.getObjectAt(2);
    }

    public static AttributeCertificate getInstance(InputStream inputStream) throws IOException {
        return new AttributeCertificate(new ASN1InputStream(inputStream).readObject());
    }

    public AttributeCertificateInfo getAcinfo() {
        return this.acInfo;
    }

    public ASN1Sequence getAttributes() {
        if (this.acInfo == null) {
            return null;
        }
        return this.acInfo.getAttributes();
    }

    public DERInteger getSerialNumber() {
        if (this.acInfo == null) {
            return null;
        }
        return this.acInfo.getSerialNumber();
    }

    public String getVO() {
        if (this.acInfo == null) {
            return null;
        }
        return this.acInfo.getVO();
    }

    public String getHostPort() {
        if (this.acInfo == null) {
            return null;
        }
        return this.acInfo.getHostPort();
    }

    public String getHost() {
        if (this.acInfo == null) {
            return null;
        }
        return this.acInfo.getHost();
    }

    public int getPort() {
        if (this.acInfo == null) {
            return -1;
        }
        return this.acInfo.getPort();
    }

    public FullAttributes getFullAttributes() {
        if (this.acInfo == null) {
            return null;
        }
        return this.acInfo.getFullAttributes();
    }

    public ACCerts getCertList() {
        if (this.acInfo == null) {
            return null;
        }
        return this.acInfo.getCertList();
    }

    public ACTargets getTargets() {
        if (this.acInfo == null) {
            return null;
        }
        return this.acInfo.getTargets();
    }

    public List getFullyQualifiedAttributes() {
        if (this.acInfo == null) {
            return null;
        }
        return this.acInfo.getFullyQualifiedAttributes();
    }

    public List getListOfFQAN() {
        if (this.acInfo == null) {
            return null;
        }
        return this.acInfo.getListOfFQAN();
    }

    public List getAttributes(String str) {
        if (str == null) {
            return Collections.EMPTY_LIST;
        }
        ASN1Sequence attributes = getAttributes();
        if (attributes == null || attributes.size() == 0) {
            return Collections.EMPTY_LIST;
        }
        Vector vector = new Vector();
        Enumeration objects = attributes.getObjects();
        while (objects.hasMoreElements()) {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) objects.nextElement();
            if (str.equals(aSN1Sequence.getObjectAt(0).getId())) {
                Enumeration objects2 = aSN1Sequence.getObjectAt(1).getObjects();
                while (objects2.hasMoreElements()) {
                    vector.add(objects2.nextElement());
                }
            }
        }
        return vector;
    }

    public X509Extensions getExtensions() {
        if (this.acInfo == null) {
            return null;
        }
        return this.acInfo.getExtensions();
    }

    public X509Principal getIssuerX509() {
        if (this.acInfo == null || this.acInfo.getIssuer() == null) {
            return null;
        }
        Enumeration objects = this.acInfo.getIssuer().getIssuerName().toASN1Primitive().getObjects();
        while (objects.hasMoreElements()) {
            GeneralName generalName = GeneralName.getInstance(objects.nextElement());
            if (generalName.getTagNo() == 4) {
                return Util.generalNameToX509Name(generalName);
            }
        }
        return null;
    }

    public X500Principal getIssuer() {
        if (this.acInfo == null || this.acInfo.getIssuer() == null) {
            return null;
        }
        Enumeration objects = this.acInfo.getIssuer().getIssuerName().toASN1Primitive().getObjects();
        while (objects.hasMoreElements()) {
            GeneralName generalName = GeneralName.getInstance(objects.nextElement());
            if (generalName.getTagNo() == 4) {
                return Util.generalNameToX500Name(generalName);
            }
        }
        return null;
    }

    public String getHolderX509() {
        if (this.acInfo == null || this.acInfo.getHolder() == null) {
            return null;
        }
        Enumeration objects = this.acInfo.getHolder().getIssuer().toASN1Primitive().getObjects();
        while (objects.hasMoreElements()) {
            GeneralName generalName = GeneralName.getInstance(objects.nextElement());
            if (generalName.getTagNo() == 4) {
                return PKIUtils.getOpenSSLFormatPrincipal(Util.generalNameToX509Name(generalName));
            }
        }
        return null;
    }

    public Holder getHolder() {
        if (this.acInfo == null) {
            return null;
        }
        return this.acInfo.getHolder();
    }

    private static Date getDate(DERGeneralizedTime dERGeneralizedTime) throws ParseException {
        SimpleDateFormat simpleDateFormat;
        if (dERGeneralizedTime.getTime().indexOf("GMT") > 0) {
            simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmssz");
        } else {
            simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
            simpleDateFormat.setTimeZone(new SimpleTimeZone(0, "Z"));
        }
        return simpleDateFormat.parse(dERGeneralizedTime.getTime());
    }

    public Date getNotAfter() throws ParseException {
        return getDate(this.acInfo.getAttrCertValidityPeriod().getNotAfterTime());
    }

    public Date getNotBefore() throws ParseException {
        return getDate(this.acInfo.getAttrCertValidityPeriod().getNotBeforeTime());
    }

    public AlgorithmIdentifier getSignatureAlgorithm() {
        return this.signatureAlgorithm;
    }

    public DERBitString getSignatureValue() {
        return this.signatureValue;
    }

    public byte[] getSignature() {
        return this.signatureValue.getBytes();
    }

    public boolean validAt(Date date) {
        AttCertValidityPeriod attrCertValidityPeriod = this.acInfo.getAttrCertValidityPeriod();
        if (date == null) {
            date = new Date();
        }
        try {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar.setTime(getDate(attrCertValidityPeriod.getNotAfterTime()));
            calendar2.setTime(getDate(attrCertValidityPeriod.getNotBeforeTime()));
            calendar.add(12, 5);
            calendar2.add(12, -5);
            if (calendar.getTime().after(date)) {
                if (calendar2.getTime().before(date)) {
                    return true;
                }
            }
            return false;
        } catch (ParseException e) {
            throw new IllegalArgumentException("Invalid validity encoding in Attribute Certificate");
        }
    }

    public boolean isValid() {
        return validAt(new Date());
    }

    public boolean verify(PublicKey publicKey) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new DEROutputStream(byteArrayOutputStream).writeObject(this.acInfo);
            this.signatureValue.getBytes();
            Signature signature = Signature.getInstance(this.signatureAlgorithm.getObjectId().getId());
            signature.initVerify(publicKey);
            signature.update(byteArrayOutputStream.toByteArray());
            return signature.verify(this.signatureValue.getBytes());
        } catch (Exception e) {
            if (!logger.isDebugEnabled()) {
                return false;
            }
            logger.debug("Error verifying signature of AC issued by " + getIssuer().getName() + " : " + e.getMessage());
            return false;
        }
    }

    public boolean verifyCert(X509Certificate x509Certificate) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new DEROutputStream(byteArrayOutputStream).writeObject(this.acInfo);
            Signature signature = Signature.getInstance(this.signatureAlgorithm.getObjectId().getId());
            signature.initVerify(x509Certificate);
            signature.update(byteArrayOutputStream.toByteArray());
            return signature.verify(this.signatureValue.getBytes());
        } catch (Exception e) {
            if (!logger.isDebugEnabled()) {
                return false;
            }
            logger.debug("Error verifying signature of AC issued by " + getIssuer().getName() + " : " + e.getMessage());
            return false;
        }
    }

    public ASN1Primitive toASN1Primitive() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(this.acInfo);
        aSN1EncodableVector.add(this.signatureAlgorithm);
        aSN1EncodableVector.add(this.signatureValue);
        return new DERSequence(aSN1EncodableVector);
    }
}
