package com.xdja.pki.ca.certmanager.service.util;

import com.xdja.pki.ca.certmanager.service.crltemplate.bean.CrlExtensionVO;
import com.xdja.pki.ca.core.Constants;
import com.xdja.pki.ca.core.enums.CrlExtensionEnum;
import com.xdja.pki.ca.core.vo.CaInfoVO;
import com.xdja.pki.ca.core.vo.IssueCaBaseInfo;
import java.io.IOException;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.x509.CRLDistPoint;
import org.bouncycastle.asn1.x509.CRLNumber;
import org.bouncycastle.asn1.x509.DistributionPoint;
import org.bouncycastle.asn1.x509.DistributionPointName;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.IssuingDistributionPoint;
import org.bouncycastle.asn1.x509.ReasonFlags;
import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
import org.springframework.beans.BeanUtils;
import org.springframework.util.CollectionUtils;

/* loaded from: input_file:com/xdja/pki/ca/certmanager/service/util/CrlExtensionUtil.class */
public class CrlExtensionUtil {
    public static List<Extension> changeExtensionFormat(List<CrlExtensionVO> list, Integer num, Integer num2, String str, String str2, Long l, Boolean bool, Boolean bool2) throws NoSuchAlgorithmException, CertificateEncodingException, IOException, CertificateParsingException {
        IssueCaBaseInfo issueCaBaseInfo;
        Extension genAuthorityKeyIdentifier;
        CaInfoVO caInfoVO = (CaInfoVO) Constants.CA_INFO.get(Constants.ADMIN_CA_ID);
        if (l != Constants.ADMIN_CA_ID) {
            issueCaBaseInfo = (IssueCaBaseInfo) Constants.CA_INFO.get(l);
        } else {
            issueCaBaseInfo = new IssueCaBaseInfo();
            BeanUtils.copyProperties(caInfoVO, issueCaBaseInfo);
            issueCaBaseInfo.setId(l);
            issueCaBaseInfo.setPrivateKey(caInfoVO.getRootPrivateKey());
            issueCaBaseInfo.setKeyIndex(caInfoVO.getCaPwdBean().getKeyIndex());
            issueCaBaseInfo.setKeyPwd(caInfoVO.getCaPwdBean().getPrivateKeyPin());
            issueCaBaseInfo.setCert(caInfoVO.getCaCert());
            issueCaBaseInfo.setSignAlg(Integer.valueOf(caInfoVO.getSignAlg()));
        }
        ArrayList arrayList = new ArrayList();
        if (!CollectionUtils.isEmpty(list)) {
            for (CrlExtensionVO crlExtensionVO : list) {
                Boolean valueOf = Boolean.valueOf(crlExtensionVO.getIsCritical().intValue() == CrlExtensionEnum.IS_CRITICAL.getValue());
                if (crlExtensionVO.getExtenOid().equals(Extension.authorityKeyIdentifier.getId()) && null != (genAuthorityKeyIdentifier = genAuthorityKeyIdentifier(valueOf.booleanValue(), issueCaBaseInfo.getCert()))) {
                    arrayList.add(genAuthorityKeyIdentifier);
                }
                if (crlExtensionVO.getExtenOid().equals(Extension.issuerAlternativeName.getId())) {
                    Extension genIssueAlternativeNameExtension = genIssueAlternativeNameExtension(valueOf.booleanValue(), issueCaBaseInfo.getCert());
                    if (null == genIssueAlternativeNameExtension) {
                        genIssueAlternativeNameExtension = new Extension(Extension.issuerAlternativeName, valueOf.booleanValue(), "".getBytes());
                    }
                    arrayList.add(genIssueAlternativeNameExtension);
                }
                if (crlExtensionVO.getExtenOid().equals(Extension.cRLNumber.getId())) {
                    arrayList.add(new Extension(Extension.cRLNumber, valueOf.booleanValue(), new CRLNumber(BigInteger.valueOf(num.intValue())).getEncoded()));
                }
                if (bool2.booleanValue() && crlExtensionVO.getExtenOid().equals(Extension.deltaCRLIndicator.getId())) {
                    arrayList.add(new Extension(Extension.deltaCRLIndicator, valueOf.booleanValue(), new CRLNumber(BigInteger.valueOf(num2.intValue())).getEncoded()));
                }
                if (crlExtensionVO.getExtenOid().equals(Extension.issuingDistributionPoint.getId()) && issueCaBaseInfo != null) {
                    arrayList.add(new Extension(Extension.issuingDistributionPoint, valueOf.booleanValue(), new IssuingDistributionPoint(genDistributionPointName(bool2.booleanValue() ? str2 : str), !bool.booleanValue(), bool.booleanValue(), (ReasonFlags) null, false, false).getEncoded()));
                }
                if (!bool2.booleanValue() && crlExtensionVO.getExtenOid().equals(Extension.freshestCRL.getId())) {
                    arrayList.add(new Extension(Extension.freshestCRL, valueOf.booleanValue(), new CRLDistPoint(new DistributionPoint[]{new DistributionPoint(genDistributionPointName(str2), (ReasonFlags) null, (GeneralNames) null)}).getEncoded()));
                }
            }
        }
        return arrayList;
    }

    public static Extension genAuthorityKeyIdentifier(boolean z, X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
        if (null == x509Certificate) {
            return null;
        }
        return new Extension(Extension.authorityKeyIdentifier, z, new JcaX509ExtensionUtils().createAuthorityKeyIdentifier(x509Certificate).getEncoded());
    }

    public static Extension genIssueAlternativeNameExtension(boolean z, X509Certificate x509Certificate) throws IOException, CertificateParsingException {
        if (null == x509Certificate.getExtensionValue(Extension.subjectAlternativeName.getId())) {
            return null;
        }
        return new Extension(Extension.issuerAlternativeName, z, GeneralNames.getInstance(ASN1OctetString.getInstance(x509Certificate.getExtensionValue(Extension.subjectAlternativeName.getId())).getOctets()).getEncoded());
    }

    public static DistributionPointName genDistributionPointName(String str) {
        if (str == null) {
            str = "";
        }
        return new DistributionPointName(0, new GeneralNames(new GeneralName(6, new DEROctetString(str.getBytes()))));
    }
}
