package cn.com.jit.pki.core.entity.policy.extenpolicy;

import cn.com.jit.ida.util.pki.asn1.x509.X509Extensions;
import cn.com.jit.ida.util.pki.asn1.x509.X509Name;
import cn.com.jit.ida.util.pki.cipher.JKeyPair;
import cn.com.jit.pki.core.entity.CertInfo;
import cn.com.jit.pki.core.entity.Ctml;
import cn.com.jit.pki.core.entity.extension.ExtenSet;
import cn.com.jit.pki.core.entity.extension.IExtension;
import cn.com.jit.pki.core.entity.extension.x509impl.AccessDes;
import cn.com.jit.pki.core.entity.extension.x509impl.SubjectInfoAccessExtImpl;
import cn.com.jit.pki.core.entity.policy.ExtenPolicy;
import cn.com.jit.pki.core.entity.policy.ValidateFailedException;
import java.util.ArrayList;
import java.util.List;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/pki-core-1.0.2.3.jar:cn/com/jit/pki/core/entity/policy/extenpolicy/SubjectInfoAccessPolicy.class */
public class SubjectInfoAccessPolicy extends ExtenPolicy {
    private static final long serialVersionUID = 6277426611222112233L;
    public static final String POLICY_SUBJECT_INFO_ACCESS = "SubjectInfoAccessPolicy";
    private static final String XMLTAG_MUST_SPECIFY = "mustSpecify";
    private static final String XMLTAG_DEF_VALUE = "defValue";
    private List<AccessDes> subjectInfoAccessList;
    public static final String MS_CLIENT_MUST = "must";
    public static final String MS_CLIENT_ALLOW = "allow";
    public static final String MS_SERVER_SET = "serverSet";
    private String mustSpecify;
    private String defValue;

    public SubjectInfoAccessPolicy() {
        this.subjectInfoAccessList = null;
        this.mustSpecify = "allow";
        super.setName("SubjectInfoAccessPolicy");
        this.subjectInfoAccessList = new ArrayList();
    }

    public SubjectInfoAccessPolicy(String str) {
        this.subjectInfoAccessList = null;
        this.mustSpecify = "allow";
        this.mustSpecify = str;
    }

    @Override // cn.com.jit.pki.core.entity.policy.ExtenPolicy
    public IExtension processExten(CertInfo certInfo, Ctml ctml, X509Name x509Name, JKeyPair jKeyPair) {
        String str;
        SubjectInfoAccessExtImpl subjectInfoAccessExtImpl = new SubjectInfoAccessExtImpl();
        if (!"serverSet".equalsIgnoreCase(this.mustSpecify)) {
            ExtenSet sigExtenSet = certInfo.getSigExtenSet();
            if (sigExtenSet != null) {
                subjectInfoAccessExtImpl = (SubjectInfoAccessExtImpl) sigExtenSet.getExten(X509Extensions.SubjectInformationAccess.getId());
                if (subjectInfoAccessExtImpl == null || subjectInfoAccessExtImpl.getAccessDescription() == null || subjectInfoAccessExtImpl.getAccessDescription().length <= 0) {
                    if ("must".equalsIgnoreCase(this.mustSpecify)) {
                        throw new IllegalArgumentException("no subject information access was set.");
                    }
                    return null;
                }
            } else if ("must".equalsIgnoreCase(this.mustSpecify)) {
                throw new IllegalArgumentException("no subject information access was set.");
            }
        } else {
            if (this.defValue == null || this.defValue.equalsIgnoreCase("")) {
                throw new IllegalArgumentException("no subject information access was set.");
            }
            for (String str2 : this.defValue.split("[;]")) {
                if (str2 != null && !str2.trim().equals("")) {
                    int indexOf = str2.indexOf("=");
                    new String();
                    String substring = str2.substring(0, indexOf);
                    String substring2 = str2.substring(indexOf + 1);
                    if (substring2 != null && !substring2.trim().equals("") && indexOf != -1) {
                        if (substring.trim().equalsIgnoreCase(AccessDes.AIA_CA_REPOSITORY)) {
                            str = AccessDes.METHOD_CA_REPOSITORY;
                        } else if (substring.trim().equalsIgnoreCase(AccessDes.AIA_TIME_STAMPING)) {
                            str = AccessDes.METHOD_TIME_STAMPING;
                        }
                        addSubjectInfoAccess(str, 6, substring2);
                    }
                }
            }
            if (this.subjectInfoAccessList == null || this.subjectInfoAccessList.size() == 0) {
                throw new IllegalArgumentException("no correct subject information access was set.");
            }
            for (int i = 0; i < this.subjectInfoAccessList.size(); i++) {
                subjectInfoAccessExtImpl.addAccessDescription(this.subjectInfoAccessList.get(i));
            }
        }
        return subjectInfoAccessExtImpl;
    }

    public void addSubjectInfoAccess(String str, int i, String str2) {
        if (!AccessDes.METHOD_CA_REPOSITORY.equalsIgnoreCase(str) && !AccessDes.METHOD_TIME_STAMPING.equalsIgnoreCase(str)) {
            throw new IllegalArgumentException("invalid subject information access method:" + str);
        }
        if (4 != i && 6 != i) {
            throw new IllegalArgumentException("invalid subject information access location type:" + i);
        }
        if (str2 == null || str2.trim().equals("")) {
            throw new IllegalArgumentException("invalid subject information access location:" + str2);
        }
        AccessDes accessDes = new AccessDes();
        accessDes.setAccessMethod(str);
        accessDes.setAccessLocationType(i);
        accessDes.setAccessLocation(str2);
        this.subjectInfoAccessList.add(accessDes);
    }

    @Override // cn.com.jit.pki.core.entity.policy.ExtenPolicy, cn.com.jit.pki.core.entity.policy.AbstractPolicy, cn.com.jit.pki.core.entity.policy.IPolicy
    public void decodePolicy(Element element) {
        super.decodePolicy(element);
        this.mustSpecify = element.getAttribute(XMLTAG_MUST_SPECIFY);
        this.defValue = element.getAttribute(XMLTAG_DEF_VALUE);
    }

    @Override // cn.com.jit.pki.core.entity.policy.ExtenPolicy, cn.com.jit.pki.core.entity.policy.AbstractPolicy, cn.com.jit.pki.core.entity.policy.IPolicy
    public void encodePolicy(Document document, Element element) {
        super.encodePolicy(document, element);
        element.setAttribute(XMLTAG_MUST_SPECIFY, this.mustSpecify);
        element.setAttribute(XMLTAG_DEF_VALUE, this.defValue);
    }

    public void validate(Object obj) {
        if (("serverSet".equalsIgnoreCase(this.mustSpecify) || "must".equalsIgnoreCase(this.mustSpecify)) && !(obj instanceof SubjectInfoAccessPolicy)) {
            throw new ValidateFailedException("The object is not equals SubjectInfoAccessPolicy.");
        }
    }

    public String getMustSpecify() {
        return this.mustSpecify;
    }

    public void setMustSpecify(String str) {
        this.mustSpecify = str;
    }

    public String getDefValue() {
        return this.defValue;
    }

    public void setDefValue(String str) {
        this.defValue = str;
    }

    public List<AccessDes> getSubjectInfoAccessList() {
        return this.subjectInfoAccessList;
    }

    public void setSubjectInfoAccessList(List<AccessDes> list) {
        this.subjectInfoAccessList = list;
    }
}
