package kz.gov.pki.knca.applet.extension;

import java.io.IOException;
import java.security.Provider;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Vector;
import kz.gov.pki.kalkan.asn1.ASN1Encodable;
import kz.gov.pki.kalkan.asn1.DERObjectIdentifier;
import kz.gov.pki.kalkan.asn1.DERSequence;
import kz.gov.pki.kalkan.asn1.x509.AccessDescription;
import kz.gov.pki.kalkan.asn1.x509.AuthorityInformationAccess;
import kz.gov.pki.kalkan.asn1.x509.BasicConstraints;
import kz.gov.pki.kalkan.asn1.x509.CRLDistPoint;
import kz.gov.pki.kalkan.asn1.x509.DisplayText;
import kz.gov.pki.kalkan.asn1.x509.DistributionPoint;
import kz.gov.pki.kalkan.asn1.x509.DistributionPointName;
import kz.gov.pki.kalkan.asn1.x509.ExtendedKeyUsage;
import kz.gov.pki.kalkan.asn1.x509.GeneralName;
import kz.gov.pki.kalkan.asn1.x509.GeneralNames;
import kz.gov.pki.kalkan.asn1.x509.KeyPurposeId;
import kz.gov.pki.kalkan.asn1.x509.KeyUsage;
import kz.gov.pki.kalkan.asn1.x509.NoticeReference;
import kz.gov.pki.kalkan.asn1.x509.PolicyInformation;
import kz.gov.pki.kalkan.asn1.x509.PolicyQualifierId;
import kz.gov.pki.kalkan.asn1.x509.PolicyQualifierInfo;
import kz.gov.pki.kalkan.asn1.x509.ReasonFlags;
import kz.gov.pki.kalkan.asn1.x509.UserNotice;
import kz.gov.pki.kalkan.util.encoders.Base64;
import kz.gov.pki.kalkan.x509.extension.AuthorityKeyIdentifierStructure;
import kz.gov.pki.knca.applet.utils.X509Util;

/* loaded from: input_file:kz/gov/pki/knca/applet/extension/ExtensionImpl.class */
public class ExtensionImpl {
    protected Provider provider;
    public static final String KNCA_OID = "1.2.398.3.3";
    public static final List<String> extensionList = Arrays.asList("2.5.29.15", "2.5.29.37", "2.5.29.35", "2.5.29.31", "2.5.29.46", "2.5.29.19", "1.3.6.1.5.5.7.1.1", "1.2.398.3.3.3.2.1", "1.2.398.3.3.3.2.4", "1.2.398.3.3.3.2.2", "2.5.29.32");
    public static final Map<String, String> aiaOidMap = new HashMap();
    public static final Map<String, String> extendedKeyUsageMap;
    public static final Map<String, Integer> keyUsageMap;

    public ExtensionImpl(Provider provider) {
        this.provider = provider;
    }

    public String genAuthorityInformationAccess(List<AccessDescriptionParam> list) throws IOException {
        ASN1Encodable[] aSN1EncodableArr = new ASN1Encodable[list.size()];
        int i = 0;
        for (AccessDescriptionParam accessDescriptionParam : list) {
            aSN1EncodableArr[i] = new AccessDescription(new DERObjectIdentifier(accessDescriptionParam.getAccessMethodOid()), new GeneralName(6, accessDescriptionParam.getAccessURI()));
            i++;
        }
        return new String(Base64.encode(new AuthorityInformationAccess(new DERSequence(aSN1EncodableArr)).getEncoded()));
    }

    public String genAuthorityKeyIdentifier(String str) throws CertificateParsingException, CertificateException, IOException {
        return new String(Base64.encode(new AuthorityKeyIdentifierStructure(X509Util.parsePemToX509Certificate(str, this.provider)).getEncoded()));
    }

    public String genBasicConstraints(boolean z, Integer num) throws IOException {
        return new String(Base64.encode((num != null ? new BasicConstraints(num.intValue()) : new BasicConstraints(z)).getEncoded()));
    }

    public String genCertificatePolicies(List<CertificatePoliciesParam> list) throws IOException {
        ASN1Encodable[] aSN1EncodableArr = new ASN1Encodable[list.size()];
        int i = 0;
        for (CertificatePoliciesParam certificatePoliciesParam : list) {
            DERSequence dERSequence = null;
            if (certificatePoliciesParam.getDetails() != null && certificatePoliciesParam.getDetails().size() > 0) {
                ASN1Encodable[] aSN1EncodableArr2 = new ASN1Encodable[certificatePoliciesParam.getDetails().size()];
                int i2 = 0;
                for (CertificatePoliciesParamDetail certificatePoliciesParamDetail : certificatePoliciesParam.getDetails()) {
                    aSN1EncodableArr2[i2] = certificatePoliciesParamDetail.getType().getId().equals(PolicyQualifierId.id_qt_cps.toString()) ? new PolicyQualifierInfo(certificatePoliciesParamDetail.getValue()) : new PolicyQualifierInfo(new DERObjectIdentifier(certificatePoliciesParamDetail.getType().getId()), new UserNotice((NoticeReference) null, certificatePoliciesParamDetail.getValue()));
                    i2++;
                }
                dERSequence = new DERSequence(aSN1EncodableArr2);
            }
            aSN1EncodableArr[i] = new PolicyInformation(new DERObjectIdentifier(certificatePoliciesParam.getObjectId()), dERSequence);
            i++;
        }
        return new String(Base64.encode(new DERSequence(aSN1EncodableArr).getEncoded()));
    }

    public String genCrlDistributionPoint(List<String> list) throws IOException, CertificateParsingException {
        GeneralName[] generalNameArr = new GeneralName[list.size()];
        int i = 0;
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            generalNameArr[i] = new GeneralName(6, it.next());
            i++;
        }
        return new String(Base64.encode(new CRLDistPoint(new DistributionPoint[]{new DistributionPoint(new DistributionPointName(new GeneralNames(new DERSequence(generalNameArr))), (ReasonFlags) null, (GeneralNames) null)}).getEncoded()));
    }

    public String genExtendedKeyUsage(List<String> list) throws IOException {
        Vector vector = new Vector();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            vector.add(new KeyPurposeId(it.next()));
        }
        return new String(Base64.encode(new ExtendedKeyUsage(vector).getEncoded()));
    }

    public String genFreshestCrl(List<String> list) throws IOException, CertificateParsingException {
        GeneralName[] generalNameArr = new GeneralName[list.size()];
        int i = 0;
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            generalNameArr[i] = new GeneralName(6, it.next());
            i++;
        }
        return new String(Base64.encode(new CRLDistPoint(new DistributionPoint[]{new DistributionPoint(new DistributionPointName(new GeneralNames(new DERSequence(generalNameArr))), (ReasonFlags) null, (GeneralNames) null)}).getEncoded()));
    }

    public String genKNCAUserExt(String str) throws IOException {
        return new String(Base64.encode(new DisplayText(2, str).getEncoded()));
    }

    public String genKeyUsage(int i) throws IOException {
        return new String(Base64.encode(new KeyUsage(i).getEncoded()));
    }

    static {
        aiaOidMap.put("caIssuers", "1.3.6.1.5.5.7.48.2");
        aiaOidMap.put("ocsp", "1.3.6.1.5.5.7.48.1");
        extendedKeyUsageMap = new HashMap();
        extendedKeyUsageMap.put("01_id_kp_serverAuth", KeyPurposeId.id_kp_serverAuth.getId());
        extendedKeyUsageMap.put("02_id_kp_clientAuth", KeyPurposeId.id_kp_clientAuth.getId());
        extendedKeyUsageMap.put("03_id_kp_codeSigning", KeyPurposeId.id_kp_codeSigning.getId());
        extendedKeyUsageMap.put("04_id_kp_emailProtection", KeyPurposeId.id_kp_emailProtection.getId());
        extendedKeyUsageMap.put("08_id_kp_timeStamping", KeyPurposeId.id_kp_timeStamping.getId());
        extendedKeyUsageMap.put("09_id_kp_OCSPSigning", KeyPurposeId.id_kp_OCSPSigning.getId());
        extendedKeyUsageMap.put("10_id_fl", "1.2.398.3.3.4.1.1");
        extendedKeyUsageMap.put("20_id_ul", "1.2.398.3.3.4.1.2");
        extendedKeyUsageMap.put("21_id_ul_head", "1.2.398.3.3.4.1.2.1");
        extendedKeyUsageMap.put("22_id_ul_signer", "1.2.398.3.3.4.1.2.2");
        extendedKeyUsageMap.put("23_id_ul_finance_signer", "1.2.398.3.3.4.1.2.3");
        extendedKeyUsageMap.put("24_id_ul_pd", "1.2.398.3.3.4.1.2.4");
        extendedKeyUsageMap.put("25_id_ul_employee", "1.2.398.3.3.4.1.2.5");
        extendedKeyUsageMap.put("51_id_knca_admin", "1.2.398.3.3.4.2.1");
        extendedKeyUsageMap.put("52_id_knca_manager", "1.2.398.3.3.4.2.2");
        extendedKeyUsageMap.put("53_id_knca_operator", "1.2.398.3.3.4.2.3");
        extendedKeyUsageMap.put("53_id_knca_operator", "1.2.398.3.3.4.2.3");
        extendedKeyUsageMap.put("70_id_is_k2", "1.2.398.5.19.1.2.2.1");
        extendedKeyUsageMap.put("80_id_rf_selected", "1.2.643.6.3.1.1");
        extendedKeyUsageMap.put("81_id_rf_person", "1.2.643.6.3.1.2.2");
        extendedKeyUsageMap.put("82_id_rf_company", "1.2.643.6.3.1.2.1");
        extendedKeyUsageMap.put("83_id_rf_order_placeMember", "1.2.643.6.3.1.3.1");
        extendedKeyUsageMap.put("84_id_rf_auth_administrator", "1.2.643.6.3.1.4.1");
        extendedKeyUsageMap.put("85_id_rf_auth_specialist", "1.2.643.6.3.1.4.2");
        extendedKeyUsageMap.put("86_id_rf_auth_specialistSignContract", "1.2.643.6.3.1.4.3");
        keyUsageMap = new HashMap();
        keyUsageMap.put("digitalSignature", 128);
        keyUsageMap.put("nonRepudiation", 64);
        keyUsageMap.put("keyEncipherment", 32);
        keyUsageMap.put("dataEncipherment", 16);
        keyUsageMap.put("keyAgreement", 8);
        keyUsageMap.put("keyCertSign", 4);
        keyUsageMap.put("cRLSign", 2);
        keyUsageMap.put("encipherOnly", 1);
        keyUsageMap.put("decipherOnly", 32768);
    }
}
