package de.bos_bremen.vii.doctype;

import de.bos_bremen.algorithm_identifier.DigestAlgorithm;
import de.bos_bremen.algorithm_identifier.PaddingAlgorithm;
import de.bos_bremen.algorithm_identifier.SignatureAlgorithm;
import de.bos_bremen.algorithm_identifier.gen.SignatureAlgorithmBase;
import de.bos_bremen.ci.QLevel;
import de.bos_bremen.ci.asn1.ANY;
import de.bos_bremen.ci.asn1.AlgorithmIdentifier;
import de.bos_bremen.ci.asn1.DumpWriter;
import de.bos_bremen.ci.asn1.ParseException;
import de.bos_bremen.ci.asn1.ocsp.BasicOCSPResponse;
import de.bos_bremen.ci.asn1.ocsp.CertStatus;
import de.bos_bremen.ci.asn1.ocsp.ResponseData;
import de.bos_bremen.ci.asn1.ocsp.SingleResponse;
import de.bos_bremen.ci.asn1.x509.Certificate;
import de.bos_bremen.ci.asn1.x509.Extension;
import de.bos_bremen.ci.asn1.x509.FlatCertificate;
import de.bos_bremen.ci.asn1.x509.ext.CertHashExtension;
import de.bos_bremen.vii.common.Describable;
import de.bos_bremen.vii.common.Description;
import de.bos_bremen.vii.common.LocalizableDescription;
import de.bos_bremen.vii.common.Signal;
import de.bos_bremen.vii.common.SignalReason;
import de.bos_bremen.vii.common.SignalReasons;
import de.bos_bremen.vii.xkms.RevocationReason;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.cert.CRLReason;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:de/bos_bremen/vii/doctype/VIIRevocationValueEntry.class */
public class VIIRevocationValueEntry extends VIISignatureEntry implements Describable {
    public static final String SOURCE_XKMS = "xkms";
    public static final String SOURCE_SIGNATURE = "signature";
    private static final String SOURCE = "source";
    private static final String REASON = "RevocationReason";
    private static final String PRODUCED_TIME = "ProducedTime";
    private static final String TIME = "RevocationTime";
    private static final String RESPONDER = "RevocationResponder";
    private static final String TYPE = "RevocationType";
    private static final String VALUE = "RevocationValue";
    private static final String RESOURCE_KEYBASE = "general.revocationValue.";

    /* loaded from: input_file:de/bos_bremen/vii/doctype/VIIRevocationValueEntry$RevocationType.class */
    public enum RevocationType {
        OCSP,
        CRL,
        OTHER
    }

    public static VIIRevocationValueEntry createRevocationValue(String str, VIICertEntry vIICertEntry, BasicOCSPResponse basicOCSPResponse, boolean z) {
        return createRevocationValue(str, vIICertEntry, basicOCSPResponse, z ? SOURCE_XKMS : SOURCE_SIGNATURE);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r18v4 */
    /* JADX WARN: Type inference failed for: r18v5 */
    /* JADX WARN: Type inference failed for: r18v6, types: [de.bos_bremen.vii.doctype.VIIEntry] */
    /* JADX WARN: Type inference failed for: r8v0, types: [de.bos_bremen.vii.doctype.VIICertEntry] */
    public static VIIRevocationValueEntry createRevocationValue(String str, VIICertEntry vIICertEntry, BasicOCSPResponse basicOCSPResponse, String str2) {
        Signal signal;
        SignalReason signalReason;
        List certs;
        VIIRevocationValueEntry vIIRevocationValueEntry = new VIIRevocationValueEntry((VIICertEntry) vIICertEntry, RevocationType.OCSP, (ANY) basicOCSPResponse, str2);
        AlgorithmIdentifier signatureAlgorithm = basicOCSPResponse.getSignatureAlgorithm();
        ResponseData tbsResponseData = basicOCSPResponse.getTbsResponseData();
        vIIRevocationValueEntry.setSignatureAlgorithm(signatureAlgorithm);
        SignatureAlgorithm signatureAlgorithm2 = vIIRevocationValueEntry.getSignatureAlgorithm();
        if (signatureAlgorithm2 != null) {
            DigestAlgorithm digestAlgorithm = signatureAlgorithm2.getDigestAlgorithm();
            if (digestAlgorithm != null) {
                vIIRevocationValueEntry.setHashAlgName(digestAlgorithm.getJCAName());
            }
            SignatureAlgorithmBase baseAlgorithm = signatureAlgorithm2.getBaseAlgorithm();
            if (baseAlgorithm != null) {
                vIIRevocationValueEntry.setSigBaseAlgName(baseAlgorithm.toString());
            }
            PaddingAlgorithm paddingAlgorithm = signatureAlgorithm2.getPaddingAlgorithm();
            if (paddingAlgorithm != null) {
                vIIRevocationValueEntry.setPaddingAlgName(paddingAlgorithm.getJCAName());
            }
            vIIRevocationValueEntry.setSignatureAlgName(signatureAlgorithm2.getJCAName());
            vIIRevocationValueEntry.setSignatureAlgDisplayName(signatureAlgorithm2.getName());
        }
        Certificate certificate = null;
        try {
            try {
                certificate = basicOCSPResponse.getSignerCertificate(str);
            } catch (GeneralSecurityException e) {
            }
            if (certificate == null && (certs = basicOCSPResponse.getCerts()) != null) {
                Iterator it = certs.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    Certificate certificate2 = (FlatCertificate) it.next();
                    if ((certificate2 instanceof Certificate) && basicOCSPResponse.verify(certificate2, str)) {
                        certificate = certificate2;
                        break;
                    }
                }
            }
            if (certificate == null) {
                signal = Signal.YELLOW;
                signalReason = SignalReasons.INTyellow;
            } else {
                boolean verify = basicOCSPResponse.verify(certificate, str);
                Date date = tbsResponseData.getProducedAt().getDate();
                vIIRevocationValueEntry.setAuthor(new VIICertEntry(vIIRevocationValueEntry, CertificateOwnerTypes.XKMS_SERVER, certificate));
                vIIRevocationValueEntry.setSigningTime(date);
                signal = Signal.forBoolean(verify);
                signalReason = verify ? null : SignalReasons.INTred;
            }
        } catch (NullPointerException e2) {
            signal = Signal.YELLOW;
            signalReason = SignalReasons.INTyellow;
        } catch (ParseException | IOException e3) {
            signal = Signal.YELLOW;
            signalReason = SignalReasons.INTyellow;
        } catch (GeneralSecurityException e4) {
            signal = Signal.RED;
            signalReason = SignalReasons.INTred;
        }
        vIIRevocationValueEntry.setIntegrity(signal);
        vIIRevocationValueEntry.setIntegrityReason(signalReason);
        vIIRevocationValueEntry.setCumulated(Signal.GREEN);
        if (tbsResponseData.getResponderID() == null || tbsResponseData.getResponderID().getName() == null || tbsResponseData.getResponderID().getName().getName() == null) {
            vIIRevocationValueEntry.setResponder("unknown");
        } else {
            vIIRevocationValueEntry.setResponder(tbsResponseData.getResponderID().getName().getName());
        }
        VIIEntry vIIEntry = vIICertEntry;
        VIIValidationTimeProvider vIIValidationTimeProvider = null;
        if (vIICertEntry instanceof VIIValidationTimeProvider) {
            vIIValidationTimeProvider = (VIIValidationTimeProvider) vIICertEntry;
        }
        do {
            VIIEntry parent = vIIEntry.getParent();
            if (parent == null) {
                break;
            }
            vIIEntry = parent;
            if (vIIEntry instanceof VIIValidationTimeProvider) {
                vIIValidationTimeProvider = (VIIValidationTimeProvider) vIIEntry;
            }
        } while (vIIEntry != vIIEntry.getParent());
        Date validationTime = vIIValidationTimeProvider.getValidationTime();
        SingleResponse singleResponse = tbsResponseData.getSingleResponse(vIICertEntry.mo38getCertificate());
        CertStatus certStatus = singleResponse.getCertStatus();
        vIIRevocationValueEntry.setReason(certStatus.getJavaRevocationReason());
        if (certStatus.isRevoked() && validationTime.after(certStatus.getRevokedInfo().getRevocationTime().getDate())) {
            VIIIdentityEntry identityObject = vIICertEntry.getIdentityObject();
            if (SOURCE_XKMS.equals(str2)) {
                vIICertEntry.getReIdentityObject();
            } else {
                identityObject.setRevocationState(Signal.RED);
                identityObject.setRevocationReason(RevocationReason.valueOf(certStatus.getJavaRevocationReason()));
                vIIRevocationValueEntry.setCumulated(Signal.RED);
                vIIRevocationValueEntry.getCumulatedReasons().add(SignalReasons.IDrev_red);
            }
            vIIRevocationValueEntry.setRevocationTime(certStatus.getRevokedInfo().getRevocationTime().getDate());
        }
        if (certStatus.isUnknown()) {
            vIIRevocationValueEntry.setCumulated(Signal.RED);
            VIIIdentityEntry reIdentityObject = vIICertEntry.getReIdentityObject();
            if (reIdentityObject.getQuality().equals(QLevel.QCPPLUS_DE) || reIdentityObject.getQuality().equals(QLevel.QCPPLUS_DE_ACCREDITED)) {
                vIIRevocationValueEntry.setCumulated(SignalReasons.IDrev_red_unknown.getSignal());
                vIIRevocationValueEntry.getCumulatedReasons().add(SignalReasons.IDrev_red_unknown);
            } else {
                vIIRevocationValueEntry.setCumulated(SignalReasons.IDrev_red.getSignal());
                vIIRevocationValueEntry.getCumulatedReasons().add(SignalReasons.IDrev_red);
            }
        }
        vIIRevocationValueEntry.setProducedTime(basicOCSPResponse.getTbsResponseData().getProducedAt().getDate());
        Extension extension = singleResponse.getSingleExtensions() == null ? null : singleResponse.getSingleExtensions().get("1.3.36.8.3.13");
        Certificate mo38getCertificate = vIICertEntry.mo38getCertificate();
        if ((extension instanceof CertHashExtension) && (mo38getCertificate instanceof Certificate) && !((CertHashExtension) extension).isCertHashValid(mo38getCertificate)) {
            vIIRevocationValueEntry.setIntegrity(SignalReasons.INVALID_KEY_CERT_HASH.getSignal());
            vIIRevocationValueEntry.setIntegrityReason(SignalReasons.INVALID_KEY_CERT_HASH);
        }
        return vIIRevocationValueEntry;
    }

    public VIIRevocationValueEntry() {
    }

    public VIIRevocationValueEntry(VIICertEntry vIICertEntry, RevocationType revocationType, ANY any, boolean z) {
        this(vIICertEntry, revocationType, any, z ? SOURCE_XKMS : SOURCE_SIGNATURE);
    }

    public VIIRevocationValueEntry(VIICertEntry vIICertEntry, RevocationType revocationType, ANY any, String str) {
        super(any);
        super.setParent(vIICertEntry);
        setType(revocationType);
        setValue(any);
        setSource(str);
    }

    private static Description generalTypes(String str) {
        return new LocalizableDescription(null, RESOURCE_KEYBASE + str, "de.bos_bremen.vii.generalmessages");
    }

    @Override // de.bos_bremen.vii.common.Describable
    public List<Description> getDescriptions() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(generalTypes(TYPE));
        arrayList.add(generalTypes(RESPONDER));
        arrayList.add(generalTypes("RevocationReason"));
        arrayList.add(generalTypes(TIME));
        arrayList.add(generalTypes(SOURCE));
        throw new RuntimeException("Not implemented");
    }

    public CRLReason getReason() {
        return (CRLReason) get("RevocationReason");
    }

    public void setReason(CRLReason cRLReason) {
        put("RevocationReason", cRLReason);
    }

    public RevocationType getType() {
        return (RevocationType) get(TYPE);
    }

    public void setValue(Object obj) {
        put(VALUE, obj);
    }

    public Object getValue() {
        return get(VALUE);
    }

    public void setSource(String str) {
        put(SOURCE, str);
    }

    public String getSource() {
        return (String) get(SOURCE);
    }

    public boolean isOnlineValue() {
        return SOURCE_XKMS.equals(getSource());
    }

    public void setType(RevocationType revocationType) {
        put(TYPE, revocationType);
    }

    public String getResponder() {
        return (String) get(RESPONDER);
    }

    public void setResponder(String str) {
        put(RESPONDER, str);
    }

    public Date getRevocationTime() {
        return (Date) get(TIME);
    }

    public void setRevocationTime(Date date) {
        put(TIME, date);
    }

    public Date getProducedTime() {
        return (Date) get(PRODUCED_TIME);
    }

    public void setProducedTime(Date date) {
        put(PRODUCED_TIME, date);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // de.bos_bremen.vii.doctype.VIISignatureEntry, de.bos_bremen.vii.doctype.VIIEntry
    public void dumpAttributes(DumpWriter dumpWriter) throws IOException {
        super.dumpAttributes(dumpWriter);
        String responder = getResponder();
        if (responder != null) {
            dumpWriter.newLine();
            dumpWriter.write("responder: ");
            dumpWriter.write(responder);
        }
        RevocationType type = getType();
        if (type != null) {
            dumpWriter.newLine();
            dumpWriter.write("type: ");
            dumpWriter.write(type.toString());
        }
        CRLReason reason = getReason();
        if (reason != null) {
            dumpWriter.newLine();
            dumpWriter.write("reason: ");
            dumpWriter.write(reason.toString());
        }
        Date revocationTime = getRevocationTime();
        if (revocationTime != null) {
            dumpWriter.newLine();
            dumpWriter.write("time: ");
            dumpWriter.write(new SimpleDateFormat("dd.MM.yyyy HH:mm:ss").format(revocationTime));
        }
    }
}
