package com.jit.attr;

import com.jit.exception.GACertCRLException;
import com.jit.exception.GACertSignException;
import com.jit.exception.GACertTimeException;
import java.io.File;
import java.security.cert.X509Certificate;
import koal.pki.exception.LDAPException;
import koal.pki.exception.PKILDAPException;
import koal.pki.exception.ParameterException;
import koal.usap.client.author.ClientForAuthor;
import koal.usap.client.pep.bean.CertVerifyBean;
import koal.usap.client.pep.ldap.ClientLdapConfig;
import koal.usap.client.pep.ldap.biz.pki.IPkiLdapForCert;

/* loaded from: input_file:com/jit/attr/JitCertVerify.class */
public class JitCertVerify {
    public static IPkiLdapForCert pkiFor;
    public static ClientForAuthor author;
    private String ip;
    private String port;
    private String dn;
    private String jFPKIIp;
    private String jFPKIPort;
    private String dnJF;
    private String certChainPath;
    private String crlPath;

    public void setCertChainPath(String str) {
        this.certChainPath = str;
    }

    public String getCertChainPath() {
        if (this.certChainPath == null) {
            this.certChainPath = System.getProperty("java.home") + File.separator + "koalpki" + File.separator + "chain";
        }
        return this.certChainPath;
    }

    public String getCrlPath() {
        if (this.crlPath == null) {
            this.crlPath = System.getProperty("java.home") + File.separator + "koalpki" + File.separator + "crl";
        }
        return this.crlPath;
    }

    public void setCrlPath(String str) {
        this.crlPath = str;
    }

    public void setParameter(String str, String str2) throws ParameterException, PKILDAPException {
        this.ip = str;
        this.port = str2;
    }

    public void setBaseDN(String str) {
        this.dn = str;
    }

    public void setJFParameter(String str, String str2) throws ParameterException, PKILDAPException {
        this.jFPKIIp = str;
        this.jFPKIPort = str2;
    }

    public void setJFBaseDN(String str) {
        this.dnJF = str;
    }

    public void verify(X509Certificate x509Certificate, boolean z, boolean z2) throws LDAPException, GACertTimeException, GACertSignException, GACertCRLException, Exception {
        if (author == null) {
            author = new ClientForAuthor();
        }
        if (pkiFor == null) {
            ClientLdapConfig clientLdapConfig = null;
            if (this.ip != null) {
                clientLdapConfig = new ClientLdapConfig(this.ip, Integer.valueOf(this.port).intValue(), this.dn);
            }
            ClientLdapConfig clientLdapConfig2 = null;
            if (this.jFPKIIp != null) {
                clientLdapConfig2 = new ClientLdapConfig(this.jFPKIIp, Integer.valueOf(this.jFPKIPort).intValue(), this.dnJF);
            }
            CertVerifyBean certVerifyBean = new CertVerifyBean(z2, z, getCertChainPath(), getCrlPath());
            System.out.println("证书链存放目录：" + getCertChainPath());
            System.out.println("黑名单存放目录：" + getCrlPath());
            pkiFor = ClientForAuthor.createPkiLadpForCert(clientLdapConfig, clientLdapConfig2, certVerifyBean);
        }
        pkiFor.verifyCert(x509Certificate);
        if (z) {
            author.scheduledSaveCrl(2);
        }
    }
}
