package eu.emi.security.authn.x509.helpers.trust;

import eu.emi.security.authn.x509.helpers.CertificateHelpers;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.util.Collection;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.filefilter.IOFileFilter;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.ASN1String;
import org.bouncycastle.asn1.DERBMPString;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.DERPrintableString;
import org.bouncycastle.asn1.DERT61String;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.DERUniversalString;
import org.bouncycastle.asn1.DERVisibleString;
import org.bouncycastle.asn1.x500.AttributeTypeAndValue;
import org.bouncycastle.asn1.x500.RDN;
import org.bouncycastle.crypto.digests.MD5Digest;
import org.bouncycastle.crypto.digests.SHA1Digest;

/* loaded from: input_file:eu/emi/security/authn/x509/helpers/trust/OpensslTruststoreHelper.class */
public class OpensslTruststoreHelper {
    public static final String CERT_REGEXP = "^([0-9a-fA-F]{8})\\.[\\d]+$";

    public static String getNsFile(String str, String str2) {
        String fileHash = getFileHash(str, CERT_REGEXP);
        if (fileHash == null) {
            return null;
        }
        String parent = new File(str).getParent();
        if (parent == null) {
            parent = ".";
        }
        return parent + File.separator + fileHash + str2;
    }

    public static String getFileHash(String str, String str2) {
        Matcher matcher = Pattern.compile(str2).matcher(new File(str).getName());
        if (matcher.matches()) {
            return matcher.group(1);
        }
        return null;
    }

    public static Collection<File> getFilesWithRegexp(String str, File file) {
        final Pattern compile = Pattern.compile(str);
        return FileUtils.listFiles(file, new IOFileFilter() { // from class: eu.emi.security.authn.x509.helpers.trust.OpensslTruststoreHelper.1
            public boolean accept(File file2, String str2) {
                return compile.matcher(str2).matches();
            }

            public boolean accept(File file2) {
                return accept(null, file2.getName());
            }
        }, (IOFileFilter) null);
    }

    public static String getOpenSSLCAHash(X500Principal x500Principal, boolean z) {
        return z ? getOpenSSLCAHashNew(x500Principal) : getOpenSSLCAHashOld(x500Principal);
    }

    private static String getOpenSSLCAHashOld(X500Principal x500Principal) {
        byte[] encoded = x500Principal.getEncoded();
        MD5Digest mD5Digest = new MD5Digest();
        mD5Digest.update(encoded, 0, encoded.length);
        byte[] bArr = new byte[mD5Digest.getDigestSize()];
        mD5Digest.doFinal(bArr, 0);
        return String.format("%02x%02x%02x%02x", Integer.valueOf(bArr[3] & 255), Integer.valueOf(bArr[2] & 255), Integer.valueOf(bArr[1] & 255), Integer.valueOf(bArr[0] & 255));
    }

    private static String getOpenSSLCAHashNew(X500Principal x500Principal) {
        try {
            byte[] encodeWithoutSeqHeader = encodeWithoutSeqHeader(getNormalizedRDNs(x500Principal));
            SHA1Digest sHA1Digest = new SHA1Digest();
            sHA1Digest.update(encodeWithoutSeqHeader, 0, encodeWithoutSeqHeader.length);
            byte[] bArr = new byte[sHA1Digest.getDigestSize()];
            sHA1Digest.doFinal(bArr, 0);
            return String.format("%02x%02x%02x%02x", Integer.valueOf(bArr[3] & 255), Integer.valueOf(bArr[2] & 255), Integer.valueOf(bArr[1] & 255), Integer.valueOf(bArr[0] & 255));
        } catch (IOException e) {
            throw new IllegalArgumentException("Can't parse the input DN", e);
        }
    }

    public static RDN[] getNormalizedRDNs(X500Principal x500Principal) throws IOException {
        RDN[] rDNs = CertificateHelpers.toX500Name(x500Principal).getRDNs();
        RDN[] rdnArr = new RDN[rDNs.length];
        int i = 0;
        for (RDN rdn : rDNs) {
            AttributeTypeAndValue[] typesAndValues = rdn.getTypesAndValues();
            sortAVAs(typesAndValues);
            AttributeTypeAndValue[] attributeTypeAndValueArr = new AttributeTypeAndValue[typesAndValues.length];
            for (int i2 = 0; i2 < typesAndValues.length; i2++) {
                attributeTypeAndValueArr[i2] = normalizeStringAVA(typesAndValues[i2]);
            }
            int i3 = i;
            i++;
            rdnArr[i3] = new RDN(attributeTypeAndValueArr);
        }
        return rdnArr;
    }

    private static void sortAVAs(AttributeTypeAndValue[] attributeTypeAndValueArr) throws IOException {
        for (int i = 0; i < attributeTypeAndValueArr.length; i++) {
            for (int i2 = i + 1; i2 < attributeTypeAndValueArr.length; i2++) {
                if (memcmp(attributeTypeAndValueArr[i].getEncoded(), attributeTypeAndValueArr[i2].getEncoded()) < 0) {
                    AttributeTypeAndValue attributeTypeAndValue = attributeTypeAndValueArr[i];
                    attributeTypeAndValueArr[i] = attributeTypeAndValueArr[i2];
                    attributeTypeAndValueArr[i2] = attributeTypeAndValue;
                }
            }
        }
    }

    private static int memcmp(byte[] bArr, byte[] bArr2) {
        int length = bArr.length > bArr2.length ? bArr2.length : bArr.length;
        for (int i = 0; i < length; i++) {
            if (bArr[i] < bArr2[i]) {
                return -1;
            }
            if (bArr[i] > bArr2[i]) {
                return 1;
            }
        }
        return bArr.length - bArr2.length;
    }

    private static AttributeTypeAndValue normalizeStringAVA(AttributeTypeAndValue attributeTypeAndValue) {
        ASN1String value = attributeTypeAndValue.getValue();
        if (!(value instanceof DERPrintableString) && !(value instanceof DERUTF8String) && !(value instanceof DERIA5String) && !(value instanceof DERBMPString) && !(value instanceof DERUniversalString) && !(value instanceof DERT61String) && !(value instanceof DERVisibleString)) {
            return attributeTypeAndValue;
        }
        return new AttributeTypeAndValue(attributeTypeAndValue.getType(), new DERUTF8String(value.getString().trim().replaceAll("[ \t\n\f][ \t\n\f]+", " ").toLowerCase()));
    }

    private static byte[] encodeWithoutSeqHeader(RDN[] rdnArr) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ASN1OutputStream create = ASN1OutputStream.create(byteArrayOutputStream);
        for (RDN rdn : rdnArr) {
            create.writeObject(rdn);
        }
        create.close();
        return byteArrayOutputStream.toByteArray();
    }
}
