package eu.europa.ec.markt.dss.validation.certificate;

import eu.europa.ec.markt.dss.CertificateIdentifier;
import eu.europa.ec.markt.dss.OID;
import eu.europa.ec.markt.dss.adapter.X509CertificateAdapter;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.Serializable;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlTransient;
import javax.xml.bind.annotation.XmlType;
import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DEROctetString;

@XmlAccessorType(XmlAccessType.FIELD)
@XmlType
/* loaded from: input_file:applet/signature-client.jar:eu/europa/ec/markt/dss/validation/certificate/CertificateAndContext.class */
public class CertificateAndContext {

    @XmlJavaTypeAdapter(X509CertificateAdapter.class)
    private X509Certificate certificate;

    @XmlElement
    private CertificateSourceType certificateSource;

    @XmlTransient
    private Serializable context;
    private boolean signatureOk;
    private String signatureAlgorithm;

    public String getSignatureAlgorithm() {
        return this.signatureAlgorithm;
    }

    public void setSignatureAlgorithm(String str) {
        this.signatureAlgorithm = str;
    }

    public void setSignatureIsValid() {
        this.signatureOk = true;
    }

    public boolean isSignatureOk() {
        return this.signatureOk;
    }

    public CertificateAndContext() {
        this.signatureOk = false;
    }

    public CertificateAndContext(X509Certificate x509Certificate) {
        this(x509Certificate, null);
    }

    public CertificateAndContext(X509Certificate x509Certificate, Serializable serializable) {
        this.signatureOk = false;
        this.certificate = x509Certificate;
        this.context = serializable;
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        CertificateAndContext certificateAndContext = (CertificateAndContext) obj;
        return this.certificate == null ? certificateAndContext.certificate == null : this.certificate.equals(certificateAndContext.certificate);
    }

    public X509Certificate getCertificate() {
        return this.certificate;
    }

    public CertificateSourceType getCertificateSource() {
        return this.certificateSource;
    }

    public Serializable getContext() {
        return this.context;
    }

    public int hashCode() {
        return (31 * 1) + (this.certificate == null ? 0 : this.certificate.hashCode());
    }

    public void setCertificate(X509Certificate x509Certificate) {
        this.certificate = x509Certificate;
    }

    public void setCertificateSource(CertificateSourceType certificateSourceType) {
        this.certificateSource = certificateSourceType;
    }

    public void setContext(Serializable serializable) {
        this.context = serializable;
    }

    public boolean isOCSPSigning() {
        try {
            List<String> extendedKeyUsage = this.certificate.getExtendedKeyUsage();
            if (extendedKeyUsage != null) {
                return extendedKeyUsage.contains(OID._1_3_6_1_5_5_7_3_9.getName());
            }
            return false;
        } catch (CertificateParsingException e) {
            return false;
        }
    }

    public boolean has_id_pkix_ocsp_nocheck_extension() {
        byte[] extensionValue = this.certificate.getExtensionValue(OID._1_3_6_1_5_5_7_48_1_5.getName());
        if (extensionValue == null) {
            return false;
        }
        try {
            DERObject dERObject = toDERObject(extensionValue);
            if (dERObject instanceof DEROctetString) {
                return ((DEROctetString) dERObject).getOctets().length == 0;
            }
            return false;
        } catch (Exception e) {
            return false;
        }
    }

    private DERObject toDERObject(byte[] bArr) throws IOException {
        ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(bArr));
        DERObject readObject = aSN1InputStream.readObject();
        aSN1InputStream.close();
        return readObject;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("CertificateAndContext[").append(CertificateIdentifier.getId(this.certificate)).append("<--").append(this.certificate.getIssuerX500Principal()).append(", source=").append(this.certificateSource).append(", serial=" + this.certificate.getSerialNumber()).append("]");
        return stringBuffer.toString();
    }
}
