package org.xwiki.crypto.x509;

import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.jce.PrincipalUtil;
import org.bouncycastle.jce.X509Principal;
import org.xwiki.crypto.internal.Convert;
import org.xwiki.crypto.x509.internal.AbstractX509CertificateWrapper;

/* loaded from: input_file:WEB-INF/lib/xwiki-platform-crypto-5.0.1.jar:org/xwiki/crypto/x509/XWikiX509Certificate.class */
public class XWikiX509Certificate extends AbstractX509CertificateWrapper {
    private static final String CERT_TYPE = "X509";
    private static final String FINGERPRINT_ALGORITHM = "SHA1";
    private static final String CERT_BEGIN = "-----BEGIN CERTIFICATE-----";
    private static final String CERT_END = "-----END CERTIFICATE-----";
    private final String fingerprint;
    private final String issuerFingerprint;

    public XWikiX509Certificate(X509Certificate x509Certificate) {
        this(x509Certificate, null);
    }

    public XWikiX509Certificate(X509Certificate x509Certificate, String str) {
        super(x509Certificate);
        this.fingerprint = calculateFingerprint(x509Certificate);
        if (str == null && (x509Certificate instanceof XWikiX509Certificate)) {
            this.issuerFingerprint = ((XWikiX509Certificate) x509Certificate).getIssuerFingerprint();
        } else if (str == null) {
            this.issuerFingerprint = this.fingerprint;
        } else {
            this.issuerFingerprint = str;
        }
    }

    public static String calculateFingerprint(Certificate certificate) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(FINGERPRINT_ALGORITHM);
            return String.format("%0" + (messageDigest.getDigestLength() * 2) + "x", new BigInteger(1, messageDigest.digest(certificate.getEncoded())));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    @Override // org.xwiki.crypto.x509.internal.AbstractX509CertificateWrapper, java.security.cert.Certificate
    public int hashCode() {
        return this.fingerprint.hashCode();
    }

    @Override // org.xwiki.crypto.x509.internal.AbstractX509CertificateWrapper, java.security.cert.Certificate
    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj instanceof XWikiX509Certificate) {
            return getFingerprint().equals(((XWikiX509Certificate) obj).getFingerprint());
        }
        return false;
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("XWikiX509Certificate\n");
        sb.append("---------------------------------------------------------------\n");
        sb.append(String.format("%20s : %s\n", "Fingerprint", getFingerprint()));
        sb.append(String.format("%20s : %s\n", "SubjectDN", getAuthorName()));
        sb.append(String.format("%20s : %s\n", "IssuerDN", getIssuerName()));
        sb.append(String.format("%20s : %s\n", "Issuer Fingerprint", getIssuerFingerprint()));
        sb.append(String.format("%20s : %s\n", "SerialNumber", getSerialNumber().toString(16)));
        sb.append(String.format("%20s : %s\n", "Start Date", getNotBefore()));
        sb.append(String.format("%20s : %s\n", "Final Date", getNotAfter()));
        sb.append(String.format("%20s : %s\n", "Public Key Algorithm", getPublicKey().getAlgorithm()));
        sb.append(String.format("%20s : %s\n", "Signature Algorithm", getSigAlgName()));
        try {
            sb.append(toPEMString());
        } catch (CertificateEncodingException e) {
        }
        return sb.toString();
    }

    public String getFingerprint() {
        return this.fingerprint;
    }

    public String toPEMString() throws CertificateEncodingException {
        return CERT_BEGIN + Convert.getNewline() + Convert.toChunkedBase64String(this.certificate.getEncoded()) + CERT_END + Convert.getNewline();
    }

    public static XWikiX509Certificate fromPEMString(String str) throws GeneralSecurityException {
        byte[] fromBase64String = Convert.fromBase64String(str, CERT_BEGIN, CERT_END);
        CertificateFactory certificateFactory = CertificateFactory.getInstance(CERT_TYPE);
        Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream(fromBase64String));
        if (!(generateCertificate instanceof X509Certificate)) {
            throw new GeneralSecurityException("Unsupported certificate type: " + generateCertificate.getType());
        }
        int indexOf = str.indexOf(CERT_BEGIN, str.indexOf(CERT_END));
        if (indexOf > 0) {
            try {
                return new XWikiX509Certificate((X509Certificate) generateCertificate, calculateFingerprint(certificateFactory.generateCertificate(new ByteArrayInputStream(Convert.fromBase64String(str.substring(indexOf), CERT_BEGIN, CERT_END)))));
            } catch (GeneralSecurityException e) {
            }
        }
        return new XWikiX509Certificate((X509Certificate) generateCertificate);
    }

    public static XWikiX509Certificate[] fromCertificateChain(Certificate[] certificateArr) {
        XWikiX509Certificate[] xWikiX509CertificateArr = new XWikiX509Certificate[certificateArr.length];
        String str = null;
        for (int length = certificateArr.length - 1; length >= 0; length--) {
            if (!(certificateArr[length] instanceof X509Certificate)) {
                throw new IllegalArgumentException("Only X509 certificates are supported, found: " + certificateArr[length].getType());
            }
            xWikiX509CertificateArr[length] = new XWikiX509Certificate((X509Certificate) certificateArr[length], str);
            str = xWikiX509CertificateArr[length].getFingerprint();
        }
        return xWikiX509CertificateArr;
    }

    public String getIssuerName() {
        return getIssuerX500Principal().getName();
    }

    public String getIssuerFingerprint() {
        return this.issuerFingerprint;
    }

    public String getAuthorName() {
        return getSubjectX500Principal().getName();
    }

    public String getAuthorUID() {
        try {
            X509Principal subjectX509Principal = PrincipalUtil.getSubjectX509Principal(this.certificate);
            return subjectX509Principal.getValues(X509Name.UID).size() == 0 ? "" : (String) subjectX509Principal.getValues(X509Name.UID).get(0);
        } catch (CertificateEncodingException e) {
            return "";
        }
    }
}
