package de.governikus.bea.beaToolkit.certificateCache;

import de.bos_bremen.ci.BSource;
import de.bos_bremen.ci.asn1.ParseException;
import de.bos_bremen.ci.asn1.x509.Certificate;
import de.bos_bremen.ci.asn1.x509.Name;
import de.governikus.bea.beaToolkit.io.Utils;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:de/governikus/bea/beaToolkit/certificateCache/CertificateStatus.class */
public class CertificateStatus {
    public static final int CERTFIFCATE_INVALID = -2;
    public static final int STATUS_INDETERMINED = -1;
    public static final int QUALITY_ADVANCED = 0;
    public static final int QUALITY_QUALIFIED = 1;
    public static final int QUALITY_ACCREDITED = 2;
    private static final Logger LOG = LogManager.getLogger(CertificateStatus.class);
    static CertificateStatus instance;
    Map<Name, Integer> states = new HashMap();

    public static CertificateStatus getInstance() {
        if (instance == null) {
            instance = new CertificateStatus();
        }
        return instance;
    }

    public int check(Certificate certificate) throws ParseException, KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException, IOException {
        Map<Name, Integer> states = getStates();
        if (states.containsKey(certificate.getIssuer())) {
            return states.get(certificate.getIssuer()).intValue();
        }
        return -1;
    }

    private Map<Name, Integer> getStates() throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException, IOException {
        if (this.states.isEmpty()) {
            char[] charArray = "123456".toCharArray();
            InputStream resourceAsStream = CertificateStatus.class.getResourceAsStream("/issuers/issuerAdvanced.p12");
            if (resourceAsStream != null) {
                try {
                    KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
                    keyStore.load(resourceAsStream, charArray);
                    Utils.closeStream(resourceAsStream);
                    Enumeration<String> aliases = keyStore.aliases();
                    while (aliases.hasMoreElements()) {
                        try {
                            this.states.put(Certificate.forX509(keyStore.getCertificate(aliases.nextElement())).getSubject(), 0);
                        } catch (ParseException e) {
                            LOG.debug("", e);
                        }
                    }
                } finally {
                }
            }
            InputStream resourceAsStream2 = CertificateStatus.class.getResourceAsStream("/issuers/issuerQualified.p12");
            if (resourceAsStream2 != null) {
                try {
                    KeyStore keyStore2 = KeyStore.getInstance("PKCS12", "BC");
                    keyStore2.load(resourceAsStream2, charArray);
                    Utils.closeStream(resourceAsStream2);
                    Enumeration<String> aliases2 = keyStore2.aliases();
                    while (aliases2.hasMoreElements()) {
                        try {
                            this.states.put(Certificate.forX509(keyStore2.getCertificate(aliases2.nextElement())).getSubject(), 1);
                        } catch (ParseException e2) {
                            LOG.debug("", e2);
                        }
                    }
                } finally {
                }
            }
            resourceAsStream = CertificateStatus.class.getResourceAsStream("/issuers/issuerAccredited.p12");
            if (resourceAsStream != null) {
                try {
                    KeyStore keyStore3 = KeyStore.getInstance("PKCS12", "BC");
                    keyStore3.load(resourceAsStream, charArray);
                    Utils.closeStream(resourceAsStream);
                    Enumeration<String> aliases3 = keyStore3.aliases();
                    while (aliases3.hasMoreElements()) {
                        try {
                            this.states.put(new Certificate(new BSource(keyStore3.getCertificate(aliases3.nextElement()).getEncoded())).getSubject(), 2);
                        } catch (ParseException e3) {
                            LOG.debug("", e3);
                        }
                    }
                } finally {
                    Utils.closeStream(resourceAsStream);
                }
            }
        }
        return this.states;
    }

    public boolean isQes(X509Certificate x509Certificate) {
        try {
            try {
                switch (getInstance().check(Certificate.forX509(x509Certificate))) {
                    case CERTFIFCATE_INVALID /* -2 */:
                        LOG.info("CERTFIFCATE_INVALID");
                        break;
                    case STATUS_INDETERMINED /* -1 */:
                        LOG.info("STATUS_INDETERMINED");
                        break;
                    case QUALITY_ADVANCED /* 0 */:
                        LOG.info("QUALITY_ADVANCED");
                        break;
                    case QUALITY_QUALIFIED /* 1 */:
                        LOG.info("QUALITY_QUALIFIED");
                        return true;
                    case QUALITY_ACCREDITED /* 2 */:
                        LOG.info("QUALITY_ACCREDITED");
                        return true;
                    default:
                        LOG.info("STATUS_INDETERMINED");
                        break;
                }
                return false;
            } catch (IOException e) {
                LOG.error(e.toString(), e);
                return false;
            }
        } catch (KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException | ParseException e2) {
            LOG.error(e2.toString(), e2);
            return false;
        }
    }
}
