package com.xdja.pki.ra.core.util.cert;

import cn.com.infosec.netcert.resource.PropertiesKeysRes;
import com.xdja.pki.ra.core.common.Result;
import com.xdja.pki.ra.core.commonenum.ErrorEnum;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.regex.Pattern;
import javax.naming.NamingException;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.x500.AttributeTypeAndValue;
import org.bouncycastle.asn1.x500.RDN;
import org.bouncycastle.asn1.x500.X500Name;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/ra-core-2.0.1-20211108.054000-15.jar:com/xdja/pki/ra/core/util/cert/CertDnVerifyUtils.class
 */
/* loaded from: input_file:WEB-INF/lib/ra-core-2.0.1-SNAPSHOT.jar:com/xdja/pki/ra/core/util/cert/CertDnVerifyUtils.class */
public class CertDnVerifyUtils {
    private static Logger logger = LoggerFactory.getLogger((Class<?>) CertDnVerifyUtils.class);
    private static Pattern COMMA_PATTERN = Pattern.compile("，");

    public static Result checkCertDnSort(String str) {
        Result result = new Result();
        String[] split = StringUtils.split(str, ",");
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        for (String str2 : split) {
            String[] split2 = StringUtils.split(str2, "=");
            arrayList.add(split2[0].trim());
            arrayList2.add(split2[1].trim());
        }
        if (arrayList.contains("DC") && arrayList.indexOf("DC") == 0) {
            logger.info("DC项是证书主体的第一个>>>certDn:" + str);
            return Result.failure(ErrorEnum.CERT_DN_DC_IS_FIRST);
        }
        if (arrayList.contains("CN")) {
            if (arrayList.indexOf("CN") != 0) {
                logger.info("CN项不是证书主体的第一个>>>certDn:" + str);
                result.setError(ErrorEnum.CERT_DN_CN_IS_NOT_FIRST);
                return result;
            }
            int lastIndexOf = arrayList.lastIndexOf("CN");
            int indexOf = arrayList.indexOf("CN");
            if (lastIndexOf != indexOf && Collections.frequency(arrayList, "CN") != (lastIndexOf + 1) - indexOf) {
                logger.info("所有的CN项的不都在最前面>>>certDn:" + str);
                result.setError(ErrorEnum.CERT_DN_CN_NOT_ALL_FIRST);
                return result;
            }
        }
        if (arrayList.contains("C")) {
            if (arrayList.lastIndexOf("C") != arrayList.size() - 1) {
                logger.info("C项不是证书主体的最后一个>>>certDn:" + str);
                result.setError(ErrorEnum.CERT_DN_C_IS_NOT_LAST);
                return result;
            }
            int lastIndexOf2 = arrayList.lastIndexOf("C");
            int indexOf2 = arrayList.indexOf("C");
            if (lastIndexOf2 != indexOf2 && Collections.frequency(arrayList, "C") != (lastIndexOf2 + 1) - indexOf2) {
                logger.info("所有的C项的不都在最后>>>certDn:" + str);
                result.setError(ErrorEnum.CERT_DN_C_NOT_ALL_LAST);
                return result;
            }
            for (int i = 0; i < lastIndexOf2 - indexOf2; i++) {
                if (!"CN".equalsIgnoreCase((String) arrayList2.get(indexOf2 + i))) {
                    logger.info("C项的值不是DN>>>certDn:" + str);
                    result.setError(ErrorEnum.CERT_DN_C_VALUE_IS_NOT_CN);
                    return result;
                }
            }
        }
        if (arrayList.contains("OU") && arrayList.contains("O")) {
            if (arrayList.indexOf("O") < arrayList.lastIndexOf("OU")) {
                logger.info("OU项不在O项的前面>>>certDn:" + str);
                result.setError(ErrorEnum.CERT_DN_OU_IS_NOT_BEFORE_O);
                return result;
            }
        }
        if (arrayList.contains("L") && (arrayList.contains("S") || arrayList.contains("ST"))) {
            if ((arrayList.indexOf("S") == -1 ? arrayList.indexOf("ST") : arrayList.indexOf("S")) < arrayList.lastIndexOf("L")) {
                logger.info("L项不在ST项的前面>>>certDn:" + str);
                result.setError(ErrorEnum.CERT_DN_L_IS_NOT_BEFORE_ST);
                return result;
            }
        }
        return result;
    }

    public static Result check64(String str) {
        Result result = new Result();
        for (String str2 : str.split(",")) {
            if (str2.substring(str2.indexOf("=") + 1, str2.length()).getBytes().length > 64) {
                logger.info("关键字值超过了64字节");
                result.setError(ErrorEnum.CERT_DN_KEY_VALUE_IS_OVER_64);
                return result;
            }
        }
        return result;
    }

    public static Result checkBlankSpace(String str) {
        Result result = new Result();
        String[] split = str.split(",");
        for (String str2 : split) {
            int indexOf = str2.indexOf("=");
            if (" ".equals(str2.substring(indexOf - 1, indexOf))) {
                logger.info("certDn不正确");
                result.setError(ErrorEnum.CERT_APPLY_DN_IS_ERROR);
                return result;
            }
        }
        for (int i = 1; i < split.length; i++) {
            if (" ".equals(split[i].substring(0, 1))) {
                logger.info("certDn不正确");
                result.setError(ErrorEnum.CERT_APPLY_DN_IS_ERROR);
                return result;
            }
        }
        return result;
    }

    public static Result checkCertDnSymbol(String str) {
        Result result = new Result();
        if (COMMA_PATTERN.matcher(str).find()) {
            logger.info("证书主体中包含中文逗号>>>certDn:" + str);
            result.setError(ErrorEnum.CERT_DN_HAVE_CHINESE_COMMA);
            return result;
        }
        for (String str2 : str.split(",")) {
            String[] split = str2.split("=");
            if (split.length > 2) {
                logger.info("证书主体中逗号间只能有一个等号>>>certDn:" + str + " errAttr:" + str2);
                result.setError(ErrorEnum.CERT_DN_HAVE_MORE_EQUAL_SIGN_BETWEEN_COMMA);
                return result;
            }
            if (split.length < 2) {
                logger.info("关键字的值不可以为空>>>certDn:" + str + " errAttr:" + str2);
                result.setError(ErrorEnum.CERT_DN_KEYWORD_VALUE_IS_EMPTY);
                return result;
            }
            if (StringUtils.isAnyBlank(split)) {
                logger.info("关键字的值不可以为空格>>>certDn:" + str + " errAttr:" + str2);
                result.setError(ErrorEnum.CERT_DN_KEYWORD_VALUE_IS_EMPTY_STRING);
                return result;
            }
        }
        for (String str3 : str.split("=")) {
            if (str3.split(",").length > 2) {
                logger.info("证书主体中等号间只能有一个逗号>>>certDn:" + str + " errAttr:" + str3);
                result.setError(ErrorEnum.CERT_DN_HAVE_MORE_COMMA_BETWEEN_EQUAL_SIGN);
                return result;
            }
        }
        return result;
    }

    public static Result checkDnKeywordOld(String str) {
        Result result = new Result();
        String[] split = str.split(",");
        String[] strArr = {"C", "CN", "DC", "DNQUALIFIER", "E", "GIVENNAME", "INITIALS", "L", "O", "OU", PropertiesKeysRes.SN, "ST", "STREET", "TELEPHONENUMBER", "TITLE", "UID"};
        boolean z = true;
        int length = split.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            String str2 = split[i];
            String substring = str2.substring(0, str2.indexOf("="));
            if (Arrays.binarySearch(strArr, substring) < 0) {
                z = false;
                logger.info("系统不支持关键字：" + substring);
                break;
            }
            i++;
        }
        if (z) {
            return result;
        }
        result.setError(ErrorEnum.CERT_DN_KEYWORD_IS_NOT_SUPPORT);
        return result;
    }

    public static Result checkDnKeyword(String str) {
        Result result = new Result();
        String[] split = str.split(",");
        List asList = Arrays.asList("C", "CN", "L", "O", "OU", "ST", "DC", "E", "DNQUALIFIER", "GIVENNAME", "INITIALS", PropertiesKeysRes.SN, "STREET", "TITLE", "TELEPHONENUMBER", "UID");
        boolean z = true;
        int length = split.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            String str2 = split[i];
            String upperCase = str2.substring(0, str2.indexOf("=")).toUpperCase();
            if (!asList.contains(upperCase)) {
                z = false;
                logger.info("系统不支持关键字：" + upperCase);
                break;
            }
            i++;
        }
        if (z) {
            return result;
        }
        result.setError(ErrorEnum.CERT_DN_KEYWORD_IS_NOT_SUPPORT);
        return result;
    }

    public static Result checkDn(X500Name x500Name) {
        Result result = new Result();
        for (RDN rdn : x500Name.getRDNs()) {
            for (AttributeTypeAndValue attributeTypeAndValue : rdn.getTypesAndValues()) {
                String aSN1ObjectIdentifier = attributeTypeAndValue.getType().toString();
                String obj = attributeTypeAndValue.getValue().toString();
                try {
                } catch (UnsupportedEncodingException e) {
                    logger.error("获取证书主体关键字值异常", (Throwable) e);
                }
                if (COMMA_PATTERN.matcher(x500Name.toString()).find()) {
                    logger.info("证书主体中包含中文逗号>>>certDn:" + x500Name.toString());
                    result.setError(ErrorEnum.CERT_DN_HAVE_CHINESE_COMMA);
                    return result;
                }
                if (StringUtils.isBlank(obj)) {
                    logger.info("关键字的值不可以为空>>>certDn:" + x500Name.toString() + " errAttr:" + obj);
                    result.setError(ErrorEnum.CERT_DN_KEYWORD_VALUE_IS_EMPTY);
                    return result;
                }
                if (!DnUtil.DN.containsKey(aSN1ObjectIdentifier)) {
                    logger.error("DN中包含不支持的关键字type:" + aSN1ObjectIdentifier + "value: " + obj);
                    result.setError(ErrorEnum.CERT_DN_KEYWORD_IS_NOT_SUPPORT);
                    return result;
                }
                if (obj.getBytes("UTF-8").length > 64) {
                    logger.debug("解析DN中关键字" + RFC4519StyleUpperCase.INSTANCE.oidToDisplayName(attributeTypeAndValue.getType()) + "值{" + attributeTypeAndValue.getValue().toString() + "}超过64字节");
                    logger.error("关键字:" + DnUtil.DN.get(aSN1ObjectIdentifier) + "长度大于：64");
                    return Result.failure(ErrorEnum.CERT_DN_KEY_VALUE_IS_OVER_64);
                }
            }
        }
        return Result.success();
    }

    public static Result checkCertDnSort(X500Name x500Name) {
        String x500Name2 = x500Name.toString();
        Result result = new Result();
        RDN[] rDNs = x500Name.getRDNs();
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        for (int length = rDNs.length - 1; length >= 0; length--) {
            AttributeTypeAndValue first = rDNs[length].getFirst();
            arrayList.add(RFC4519StyleUpperCase.INSTANCE.oidToDisplayName(first.getType()));
            arrayList2.add(first.getValue().toString());
        }
        if (arrayList.contains("DC") && arrayList.indexOf("DC") == 0) {
            logger.info("DC项是证书主体的第一个>>>certDn:" + x500Name2);
            return Result.failure(ErrorEnum.CERT_DN_DC_IS_FIRST);
        }
        if (arrayList.contains("CN")) {
            if (arrayList.indexOf("CN") != 0) {
                logger.info("CN项不是证书主体的第一个>>>certDn:" + x500Name2);
                result.setError(ErrorEnum.CERT_DN_CN_IS_NOT_FIRST);
                return result;
            }
            int lastIndexOf = arrayList.lastIndexOf("CN");
            int indexOf = arrayList.indexOf("CN");
            if (lastIndexOf != indexOf && Collections.frequency(arrayList, "CN") != (lastIndexOf + 1) - indexOf) {
                logger.info("所有的CN项的不都在最前面>>>certDn:" + x500Name2);
                result.setError(ErrorEnum.CERT_DN_CN_NOT_ALL_FIRST);
                return result;
            }
        }
        if (arrayList.contains("C")) {
            if (arrayList.lastIndexOf("C") != arrayList.size() - 1) {
                logger.info("C项不是证书主体的最后一个>>>certDn:" + x500Name2);
                result.setError(ErrorEnum.CERT_DN_C_IS_NOT_LAST);
                return result;
            }
            int lastIndexOf2 = arrayList.lastIndexOf("C");
            int indexOf2 = arrayList.indexOf("C");
            if (lastIndexOf2 != indexOf2 && Collections.frequency(arrayList, "C") != (lastIndexOf2 + 1) - indexOf2) {
                logger.info("所有的C项的不都在最后>>>certDn:" + x500Name2);
                result.setError(ErrorEnum.CERT_DN_C_NOT_ALL_LAST);
                return result;
            }
        }
        if (arrayList.contains("OU") && arrayList.contains("O")) {
            if (arrayList.indexOf("O") < arrayList.lastIndexOf("OU")) {
                logger.info("OU项不在O项的前面>>>certDn:" + x500Name2);
                result.setError(ErrorEnum.CERT_DN_OU_IS_NOT_BEFORE_O);
                return result;
            }
        }
        if (arrayList.contains("L") && (arrayList.contains("S") || arrayList.contains("ST"))) {
            if ((arrayList.indexOf("S") == -1 ? arrayList.indexOf("ST") : arrayList.indexOf("S")) < arrayList.lastIndexOf("L")) {
                logger.info("L项不在ST项的前面>>>certDn:" + x500Name2);
                result.setError(ErrorEnum.CERT_DN_L_IS_NOT_BEFORE_ST);
                return result;
            }
        }
        return result;
    }

    public static void main(String[] strArr) throws NamingException {
        System.out.println(checkCertDnSort(DnUtil.getRFC4519X500Name("CN=00,SN=1 1,INITIALS=2，2,E=jbdf@qq.com,C=USA")).isSuccess());
        System.out.println(checkCertDnSort(DnUtil.getRFC4519X500Name("CN=00,SN=1 1,C=USA,INITIALS=2，2,E=jbdf@qq.com")));
        System.out.println(checkCertDnSort(DnUtil.getRFC4519X500Name("CN=00,SN=1 1,C=USA,INITIALS=2，2,E=jbdf@qq.com,C=ZZ")));
    }
}
