package org.glite.voms.ac;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.asn1.x509.IssuerSerial;

/* loaded from: input_file:org/glite/voms/ac/Holder.class */
public class Holder implements DEREncodable {
    IssuerSerial baseCertificateID;
    GeneralNames entityName;
    ObjectDigestInfo objectDigestInfo;

    public Holder(X509Certificate x509Certificate) {
        this(x509Certificate.getIssuerX500Principal(), x509Certificate.getSerialNumber());
    }

    public Holder(X500Principal x500Principal, BigInteger bigInteger) {
        this.baseCertificateID = null;
        this.entityName = null;
        this.objectDigestInfo = null;
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(Util.x500nameToGeneralNames(x500Principal));
        aSN1EncodableVector.add(new DERInteger(bigInteger));
        this.baseCertificateID = new IssuerSerial(new DERSequence(aSN1EncodableVector));
    }

    public Holder(ASN1Sequence aSN1Sequence) {
        this.baseCertificateID = null;
        this.entityName = null;
        this.objectDigestInfo = null;
        Enumeration objects = aSN1Sequence.getObjects();
        while (objects.hasMoreElements()) {
            ASN1TaggedObject aSN1TaggedObject = (DERObject) objects.nextElement();
            if (!(aSN1TaggedObject instanceof ASN1TaggedObject)) {
                throw new IllegalArgumentException("Holder element not tagged");
            }
            ASN1TaggedObject aSN1TaggedObject2 = aSN1TaggedObject;
            switch (aSN1TaggedObject2.getTagNo()) {
                case 0:
                    this.baseCertificateID = new IssuerSerial(aSN1TaggedObject2.getObject());
                    break;
                case 1:
                    this.entityName = GeneralNames.getInstance(aSN1TaggedObject2, false);
                    break;
                case 2:
                    this.objectDigestInfo = new ObjectDigestInfo(aSN1TaggedObject2.getObject());
                    break;
                default:
                    throw new IllegalArgumentException("Unknown tag number " + aSN1TaggedObject2.getTagNo());
            }
        }
    }

    public GeneralNames getIssuer() {
        if (this.baseCertificateID != null) {
            return this.baseCertificateID.getIssuer();
        }
        if (this.entityName != null) {
            return this.entityName;
        }
        return null;
    }

    protected static boolean matchesDN(X500Principal x500Principal, GeneralNames generalNames) {
        Enumeration objects = generalNames.getDERObject().getObjects();
        while (objects.hasMoreElements()) {
            GeneralName generalName = GeneralName.getInstance(objects.nextElement());
            if (generalName.getTagNo() == 4) {
                try {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    new DEROutputStream(byteArrayOutputStream).writeObject(generalName.getName());
                    if (new X500Principal(byteArrayOutputStream.toByteArray()).equals(x500Principal)) {
                        return true;
                    }
                } catch (IOException e) {
                }
            }
        }
        return false;
    }

    public boolean isHolder(X509Certificate x509Certificate) {
        if (this.baseCertificateID != null && this.baseCertificateID.getSerial().getValue().equals(x509Certificate.getSerialNumber()) && (matchesDN(x509Certificate.getIssuerX500Principal(), this.baseCertificateID.getIssuer()) || matchesDN(x509Certificate.getSubjectX500Principal(), this.baseCertificateID.getIssuer()))) {
            return true;
        }
        return this.entityName != null && matchesDN(x509Certificate.getSubjectX500Principal(), this.entityName);
    }

    public DERObject getDERObject() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        if (this.baseCertificateID != null) {
            aSN1EncodableVector.add(new DERTaggedObject(false, 0, this.baseCertificateID));
        }
        if (this.entityName != null) {
            aSN1EncodableVector.add(new DERTaggedObject(false, 1, this.entityName));
        }
        if (this.objectDigestInfo != null) {
            aSN1EncodableVector.add(new DERTaggedObject(false, 2, this.objectDigestInfo));
        }
        return new DERSequence(aSN1EncodableVector);
    }
}
