package es.gob.afirma.miniapplet.keystores.filters;

import es.gob.afirma.core.misc.AOUtil;
import es.gob.afirma.keystores.AOKeyStoreManager;
import es.gob.afirma.keystores.filters.CertificateFilter;
import java.math.BigInteger;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Logger;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

/* loaded from: input_file:es/gob/afirma/miniapplet/keystores/filters/SSLFilter.class */
public final class SSLFilter extends CertificateFilter {
    private static final String[] a = {"serialnumber=", "SERIALNUMBER=", "2.5.4.5="};
    private final String b;
    private final AuthenticationDNIeFilter c = new AuthenticationDNIeFilter();
    private final SignatureDNIeFilter d = new SignatureDNIeFilter();

    public SSLFilter(String str) {
        this.b = a(str);
    }

    @Override // es.gob.afirma.keystores.filters.CertificateFilter
    public boolean matches(X509Certificate x509Certificate) {
        return a(e(x509Certificate)).equalsIgnoreCase(this.b);
    }

    @Override // es.gob.afirma.keystores.filters.CertificateFilter
    public String[] matches(String[] strArr, AOKeyStoreManager aOKeyStoreManager) {
        X509Certificate[] x509CertificateArr = new X509Certificate[strArr.length];
        for (int i = 0; i < strArr.length; i++) {
            x509CertificateArr[i] = aOKeyStoreManager.getCertificate(strArr[i]);
        }
        ArrayList arrayList = new ArrayList();
        for (int i2 = 0; i2 < strArr.length; i2++) {
            X509Certificate certificate = aOKeyStoreManager.getCertificate(strArr[i2]);
            try {
                if (matches(certificate)) {
                    if (a(certificate)) {
                        int i3 = 0;
                        while (true) {
                            if (i3 >= strArr.length) {
                                break;
                            }
                            if (i2 != i3) {
                                X509Certificate certificate2 = aOKeyStoreManager.getCertificate(strArr[i3]);
                                if (b(certificate2) && c(certificate2) != null && c(certificate2).equalsIgnoreCase(c(certificate)) && d(certificate2).equals(d(certificate))) {
                                    arrayList.add(strArr[i3]);
                                    break;
                                }
                            }
                            i3++;
                        }
                    } else {
                        arrayList.add(strArr[i2]);
                    }
                }
            } catch (Exception e) {
                Logger.getLogger("es.gob.afirma").warning("Error en la verificacion del certificado '" + certificate.getSerialNumber() + "': " + e);
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    private boolean a(X509Certificate x509Certificate) {
        return this.c.matches(x509Certificate);
    }

    private boolean b(X509Certificate x509Certificate) {
        return this.d.matches(x509Certificate);
    }

    private static String c(X509Certificate x509Certificate) {
        try {
            List rdns = new LdapName(x509Certificate.getSubjectX500Principal().getName()).getRdns();
            if (rdns == null || rdns.isEmpty()) {
                return null;
            }
            Iterator it = rdns.iterator();
            while (it.hasNext()) {
                String rdn = ((Rdn) it.next()).toString();
                for (String str : a) {
                    if (rdn.startsWith(str)) {
                        return rdn.substring(str.length()).replace("#", "");
                    }
                }
            }
            return null;
        } catch (InvalidNameException e) {
            return null;
        }
    }

    private static String d(X509Certificate x509Certificate) {
        return new SimpleDateFormat("yyyy-MM-dd").format(x509Certificate.getNotAfter());
    }

    private static String e(X509Certificate x509Certificate) {
        return a(x509Certificate.getSerialNumber());
    }

    private static String a(BigInteger bigInteger) {
        return AOUtil.hexify(bigInteger.toByteArray(), "");
    }

    private static String a(String str) {
        String replace = str.trim().replace(" ", "").replace("#", "");
        int i = 0;
        while (i < replace.length() && replace.charAt(i) == '0') {
            i++;
        }
        return replace.substring(i);
    }
}
