package com.xdja.pki.ca.core.util.verify;

import com.xdja.pki.ca.core.common.ErrorEnum;
import com.xdja.pki.ca.core.common.Result;
import com.xdja.pki.ca.core.util.DnUtil;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.regex.Pattern;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.x500.AttributeTypeAndValue;
import org.bouncycastle.asn1.x500.RDN;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/ca-core-0.0.1-SNAPSHOT.jar:com/xdja/pki/ca/core/util/verify/VerifyCertDnUtil.class */
public class VerifyCertDnUtil {
    private static Logger logger = LoggerFactory.getLogger((Class<?>) VerifyCertDnUtil.class);

    public static Result checkCertDnSymbol(String str) {
        if (Pattern.compile("，").matcher(str).find()) {
            logger.info("证书主体中包含中文逗号>>>certDn:" + str);
            return Result.failure(ErrorEnum.CERT_DN_HAVE_CHINESE_COMMA);
        }
        if (str.contains("=,") || str.contains(",=")) {
            logger.info("raBaseDn格式不正确:{}", str);
            return Result.failure(ErrorEnum.BASEDN_FORMAT_ERROR);
        }
        for (String str2 : str.split(",")) {
            if (StringUtils.countMatches((CharSequence) str2, '=') > 1) {
                logger.info("证书主体中逗号间只能有一个等号>>>certDn:" + str + " errAttr:" + str2);
                return Result.failure(ErrorEnum.CERT_DN_HAVE_MORE_EQUAL_SIGN_BETWEEN_COMMA);
            }
        }
        for (String str3 : str.split("=")) {
            if (StringUtils.countMatches((CharSequence) str3, ',') > 1) {
                logger.info("证书主体中等号间只能有一个逗号>>>certDn:" + str + " errAttr:" + str3);
                return Result.failure(ErrorEnum.CERT_DN_HAVE_MORE_COMMA_BETWEEN_EQUAL_SIGN);
            }
        }
        return Result.success();
    }

    public static Result checkCertDnSort(String str) {
        String[] split = StringUtils.split(str, ",");
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        for (String str2 : split) {
            String[] split2 = StringUtils.split(str2, "=");
            arrayList.add(split2[0].trim());
            arrayList2.add(split2[1].trim());
        }
        if (arrayList.contains("CN")) {
            if (arrayList.indexOf("CN") != 0) {
                logger.info("CN项不是证书主体的第一个>>>certDn:" + str);
                return Result.failure(ErrorEnum.CERT_DN_CN_IS_NOT_FIRST);
            }
            int lastIndexOf = arrayList.lastIndexOf("CN");
            int indexOf = arrayList.indexOf("CN");
            if (lastIndexOf != indexOf && Collections.frequency(arrayList, "CN") != (lastIndexOf + 1) - indexOf) {
                logger.info("所有的CN项的不都在最前面>>>certDn:" + str);
                return Result.failure(ErrorEnum.CERT_DN_CN_NOT_ALL_FIRST);
            }
        }
        if (arrayList.contains("C")) {
            if (arrayList.lastIndexOf("C") != arrayList.size() - 1) {
                logger.info("C项不是证书主体的最后一个>>>certDn:" + str);
                return Result.failure(ErrorEnum.CERT_DN_C_IS_NOT_LAST);
            }
            int lastIndexOf2 = arrayList.lastIndexOf("C");
            int indexOf2 = arrayList.indexOf("C");
            if (lastIndexOf2 != indexOf2 && Collections.frequency(arrayList, "C") != (lastIndexOf2 + 1) - indexOf2) {
                logger.info("所有的C项的不都在最后>>>certDn:" + str);
                return Result.failure(ErrorEnum.CERT_DN_C_NOT_ALL_LAST);
            }
            for (int i = 0; i < lastIndexOf2 - indexOf2; i++) {
                if (!"CN".equalsIgnoreCase((String) arrayList2.get(indexOf2 + i))) {
                    logger.info("C项的值不是DN>>>certDn:" + str);
                    return Result.failure(ErrorEnum.CERT_DN_C_VALUE_IS_NOT_CN);
                }
            }
        }
        if (arrayList.contains("OU") && arrayList.contains("O")) {
            if (arrayList.indexOf("O") < arrayList.lastIndexOf("OU")) {
                logger.info("OU项不在O项的前面>>>certDn:" + str);
                return Result.failure(ErrorEnum.CERT_DN_OU_IS_NOT_BEFORE_O);
            }
        }
        if (arrayList.contains("L") && (arrayList.contains("S") || arrayList.contains("ST"))) {
            if ((arrayList.indexOf("S") == -1 ? arrayList.indexOf("ST") : arrayList.indexOf("S")) < arrayList.lastIndexOf("L")) {
                logger.info("L项不在S项的前面>>>certDn:" + str);
                return Result.failure(ErrorEnum.CERT_DN_L_IS_NOT_BEFORE_S);
            }
        }
        return Result.success();
    }

    public static Result checkBlankSpace(String str) {
        Result result = new Result();
        String[] split = str.split(",");
        if (split.length != str.split("=").length - 1) {
            logger.info("certDn不正确");
            result.setError(ErrorEnum.DN_FORMAT_FAIL);
            return result;
        }
        for (String str2 : split) {
            if (str2.equals(" ") || str2.trim().equals("")) {
                logger.info("certDn不正确");
                result.setError(ErrorEnum.DN_FORMAT_FAIL);
                return result;
            }
            int indexOf = str2.indexOf("=");
            if (str2.substring(indexOf - 1, indexOf).equals(" ")) {
                logger.info("certDn不正确");
                result.setError(ErrorEnum.DN_FORMAT_FAIL);
                return result;
            }
        }
        for (int i = 1; i < split.length; i++) {
            if (split[i].substring(0, 1).equals(" ")) {
                logger.info("certDn不正确");
                result.setError(ErrorEnum.DN_FORMAT_FAIL);
                return result;
            }
        }
        return result;
    }

    public static Result checkDn(String str, Integer num) {
        for (RDN rdn : DnUtil.getRFC4519X500Name(str).getRDNs()) {
            for (AttributeTypeAndValue attributeTypeAndValue : rdn.getTypesAndValues()) {
                String aSN1ObjectIdentifier = attributeTypeAndValue.getType().toString();
                String obj = attributeTypeAndValue.getValue().toString();
                try {
                } catch (UnsupportedEncodingException e) {
                    logger.error("获取证书主体关键字值异常", (Throwable) e);
                }
                if (!DnUtil.DN.containsKey(aSN1ObjectIdentifier)) {
                    logger.error("DN中包含不支持的关键字");
                    return Result.failure(ErrorEnum.DN_CONTAIN_NOT_SUPPORTED_KEY_VALUE);
                }
                if (obj.getBytes("UTF-8").length > num.intValue()) {
                    logger.error("关键字:" + DnUtil.DN.get(aSN1ObjectIdentifier) + "长度大于：" + num);
                    return Result.failure(ErrorEnum.DN_KEY_VALUE_LENGTH_IS_TOO_LONG);
                }
            }
        }
        return Result.success();
    }
}
