package org.apache.cxf.xkms.x509.handlers;

import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.xml.bind.JAXBElement;
import org.apache.cxf.xkms.exception.XKMSCertificateException;
import org.apache.cxf.xkms.exception.XKMSException;
import org.apache.cxf.xkms.handlers.Applications;
import org.apache.cxf.xkms.handlers.Locator;
import org.apache.cxf.xkms.model.xkms.LocateRequestType;
import org.apache.cxf.xkms.model.xkms.QueryKeyBindingType;
import org.apache.cxf.xkms.model.xkms.ResultMajorEnum;
import org.apache.cxf.xkms.model.xkms.ResultMinorEnum;
import org.apache.cxf.xkms.model.xkms.UnverifiedKeyBindingType;
import org.apache.cxf.xkms.model.xkms.UseKeyWithType;
import org.apache.cxf.xkms.model.xmldsig.KeyInfoType;
import org.apache.cxf.xkms.model.xmldsig.X509DataType;
import org.apache.cxf.xkms.model.xmldsig.X509IssuerSerialType;
import org.apache.cxf.xkms.x509.repo.CertificateRepo;
import org.apache.cxf.xkms.x509.utils.X509Utils;

/* loaded from: input_file:WEB-INF/lib/cxf-services-xkms-x509-handlers-2.7.0.redhat-611463.jar:org/apache/cxf/xkms/x509/handlers/X509Locator.class */
public class X509Locator implements Locator {
    private CertificateRepo certRepo;

    public X509Locator(CertificateRepo certificateRepo) throws CertificateException {
        this.certRepo = certificateRepo;
    }

    @Override // org.apache.cxf.xkms.handlers.Locator
    public UnverifiedKeyBindingType locate(LocateRequestType locateRequestType) {
        try {
            X509Certificate findCertificate = findCertificate(parse(locateRequestType));
            if (findCertificate == null) {
                return null;
            }
            UnverifiedKeyBindingType unverifiedKeyBindingType = new UnverifiedKeyBindingType();
            unverifiedKeyBindingType.setKeyInfo(X509Utils.getKeyInfo(findCertificate));
            return unverifiedKeyBindingType;
        } catch (CertificateEncodingException e) {
            throw new XKMSCertificateException("Cannot encode certificate: " + e.getMessage(), e);
        } catch (CertificateException e2) {
            throw new XKMSCertificateException(e2.getMessage(), e2);
        }
    }

    public X509Certificate findCertificate(List<UseKeyWithType> list) throws CertificateException {
        X509Certificate x509Certificate = null;
        if (list.size() == 0) {
            throw new IllegalArgumentException("No UseKeyWithType elements found");
        }
        if (list.size() == 1) {
            Applications fromUri = Applications.fromUri(list.get(0).getApplication());
            String identifier = list.get(0).getIdentifier();
            if (fromUri == Applications.PKIX) {
                x509Certificate = this.certRepo.findBySubjectDn(identifier);
            } else if (fromUri == Applications.SERVICE_SOAP) {
                x509Certificate = this.certRepo.findByServiceName(identifier);
            }
        }
        String idForApplication = getIdForApplication(Applications.ISSUER, list);
        String idForApplication2 = getIdForApplication(Applications.SERIAL, list);
        if (idForApplication != null && idForApplication2 != null) {
            x509Certificate = this.certRepo.findByIssuerSerial(idForApplication, idForApplication2);
        }
        return x509Certificate;
    }

    private String getIdForApplication(Applications applications, List<UseKeyWithType> list) {
        for (UseKeyWithType useKeyWithType : list) {
            if (applications.getUri().equalsIgnoreCase(useKeyWithType.getApplication())) {
                return useKeyWithType.getIdentifier();
            }
        }
        return null;
    }

    private List<UseKeyWithType> parse(LocateRequestType locateRequestType) {
        QueryKeyBindingType queryKeyBinding;
        ArrayList arrayList = new ArrayList();
        if (locateRequestType != null && (queryKeyBinding = locateRequestType.getQueryKeyBinding()) != null) {
            if (queryKeyBinding.getTimeInstant() != null) {
                throw new XKMSException(ResultMajorEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_RECEIVER, ResultMinorEnum.HTTP_WWW_W_3_ORG_2002_03_XKMS_TIME_INSTANT_NOT_SUPPORTED);
            }
            arrayList.addAll(parse(queryKeyBinding.getKeyInfo()));
            arrayList.addAll(queryKeyBinding.getUseKeyWith());
            return arrayList;
        }
        return arrayList;
    }

    private List<UseKeyWithType> parse(KeyInfoType keyInfoType) {
        ArrayList arrayList = new ArrayList();
        if (keyInfoType == null) {
            return arrayList;
        }
        for (Object obj : keyInfoType.getContent()) {
            if (obj instanceof JAXBElement) {
                JAXBElement jAXBElement = (JAXBElement) obj;
                if (X509Utils.X509_KEY_NAME.equals(jAXBElement.getName())) {
                    UseKeyWithType useKeyWithType = new UseKeyWithType();
                    useKeyWithType.setApplication(Applications.PKIX.getUri());
                    useKeyWithType.setIdentifier((String) jAXBElement.getValue());
                    arrayList.add(useKeyWithType);
                } else if (X509Utils.X509_DATA.equals(jAXBElement.getName())) {
                    for (Object obj2 : ((X509DataType) jAXBElement.getValue()).getX509IssuerSerialOrX509SKIOrX509SubjectName()) {
                        if (obj2 instanceof JAXBElement) {
                            JAXBElement jAXBElement2 = (JAXBElement) obj2;
                            if (X509Utils.X509_ISSUER_SERIAL.equals(jAXBElement2.getName())) {
                                X509IssuerSerialType x509IssuerSerialType = (X509IssuerSerialType) jAXBElement2.getValue();
                                UseKeyWithType useKeyWithType2 = new UseKeyWithType();
                                useKeyWithType2.setApplication(Applications.ISSUER.getUri());
                                useKeyWithType2.setIdentifier(x509IssuerSerialType.getX509IssuerName());
                                arrayList.add(useKeyWithType2);
                                UseKeyWithType useKeyWithType3 = new UseKeyWithType();
                                useKeyWithType3.setApplication(Applications.SERIAL.getUri());
                                useKeyWithType3.setIdentifier(x509IssuerSerialType.getX509SerialNumber().toString());
                                arrayList.add(useKeyWithType3);
                            } else if (X509Utils.X509_SUBJECT_NAME.equals(jAXBElement2.getName())) {
                                UseKeyWithType useKeyWithType4 = new UseKeyWithType();
                                useKeyWithType4.setApplication(Applications.PKIX.getUri());
                                useKeyWithType4.setIdentifier((String) jAXBElement2.getValue());
                                arrayList.add(useKeyWithType4);
                            }
                        }
                    }
                }
            }
        }
        return arrayList;
    }
}
