package idman.rules;

import idman.dbi.Database;
import idman.mngt.Context;
import idman.util.PKI;
import java.security.Principal;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import org.ssonet.net.CertificateListener;
import org.ssonet.net.CryptoTools;
import org.ssonet.net.SSONETContext;
import psman.data.Certificate;
import psman.data.Person;
import psman.data.TPartner;
import psman.dbi.DBI;

/* loaded from: input_file:idman/rules/DefaultCertificateListener.class */
public class DefaultCertificateListener implements CertificateListener {
    protected ChainEvaluationListener listener;
    public static boolean debug = false;

    public DefaultCertificateListener(ChainEvaluationListener chainEvaluationListener) {
        this.listener = null;
        this.listener = chainEvaluationListener;
    }

    public DefaultCertificateListener() {
        this.listener = null;
        this.listener = null;
    }

    public int checkCertificate(SSONETContext sSONETContext, X509Certificate x509Certificate) {
        if (debug) {
            System.out.println("Checking Certificate.");
        }
        if (debug) {
            System.out.println(x509Certificate.toString());
        }
        long[] jArr = new long[10];
        if (debug) {
            jArr[0] = System.currentTimeMillis();
        }
        try {
            Context context = (Context) sSONETContext;
            boolean z = false;
            TPartner tPartner = context.getTPartner();
            PublicKey publicKey = x509Certificate.getPublicKey();
            PublicKey publicKey2 = null;
            if (publicKey != null) {
                try {
                    CryptoTools.testCertificate(x509Certificate, publicKey);
                    z = true;
                } catch (Exception e) {
                }
                if (debug) {
                    jArr[1] = System.currentTimeMillis();
                }
                if (z) {
                    publicKey2 = publicKey;
                } else if (debug) {
                    System.out.println("Failed selfsigning Test.");
                }
                if (!z) {
                    publicKey2 = new PKI(sSONETContext).checkCertificate(x509Certificate);
                    z |= publicKey2 != null;
                    if (!z && debug) {
                        System.out.println("Failed pkisigning Test. (BAD!!!)");
                    }
                }
                if (debug) {
                    jArr[2] = System.currentTimeMillis();
                }
                if (z && tPartner == null) {
                    if (debug) {
                        System.out.println("DefaultCertificateListener::checkCertificate: Ermittle TPartner");
                    }
                    Principal subjectDN = x509Certificate.getSubjectDN();
                    if (subjectDN != null) {
                        String name = subjectDN.getName();
                        int indexOf = name.indexOf("CN=");
                        int indexOf2 = name.indexOf(",", indexOf);
                        if (indexOf2 < 0) {
                            indexOf2 = name.length();
                        }
                        String substring = name.substring(indexOf + 3, indexOf2);
                        DBI dbi = Database.getDBI(sSONETContext);
                        TPartner selectTPartner = dbi.selectTPartner(substring);
                        try {
                            psman.data.PublicKey selectPublicKey = dbi.selectPublicKey(psman.data.PublicKey.computeID(x509Certificate.getPublicKey().getEncoded()));
                            if (selectPublicKey != null) {
                                selectTPartner = dbi.selectTPartner(selectPublicKey);
                            }
                        } catch (Exception e2) {
                            System.err.println("ERR: new code, DefaultCertificateListener");
                            e2.printStackTrace();
                        }
                        if (selectTPartner == null) {
                            byte[] encoded = publicKey.getEncoded();
                            byte[] encoded2 = publicKey2.getEncoded();
                            byte[] computeID = psman.data.PublicKey.computeID(encoded);
                            byte[] computeID2 = psman.data.PublicKey.computeID(encoded2);
                            byte[] computeID3 = Certificate.computeID(encoded, encoded2);
                            psman.data.PublicKey selectPublicKey2 = dbi.selectPublicKey(computeID);
                            if (selectPublicKey2 == null) {
                                selectPublicKey2 = new psman.data.PublicKey(computeID, encoded);
                                dbi.insert(selectPublicKey2);
                            }
                            if (dbi.selectCertificate(computeID3) == null) {
                                Certificate certificate = new Certificate(computeID3, x509Certificate.getEncoded());
                                dbi.insert(certificate);
                                dbi.insert(selectPublicKey2, new Certificate[]{certificate});
                                dbi.insert(certificate, dbi.selectPublicKey(computeID2));
                            }
                            selectTPartner = new TPartner(substring, selectPublicKey2, (Person) null);
                            dbi.insert(selectTPartner);
                        }
                        context.setTPartner(selectTPartner);
                    }
                    if (debug) {
                        jArr[3] = System.currentTimeMillis();
                    }
                    if (context.getPseudonym() == null) {
                        z = ChainEvaluator.evaluate("Pseudonymverwaltung", this.listener, null, null, context);
                    }
                } else {
                    z = false;
                }
            }
            if (debug) {
                System.out.println(new StringBuffer().append("Certificate is ").append(z ? "valid (good)." : "invalid (BAD!).").toString());
            }
            if (debug) {
                jArr[4] = System.currentTimeMillis();
                System.out.println(new StringBuffer().append("DefaultCertificateListener: times needed for selfSignTest: ").append(jArr[1] - jArr[0]).append("\n").append("                                              PKISignTest: ").append(jArr[2] - jArr[1]).append("\n").append("                                         finding TPartner: ").append(jArr[3] - jArr[2]).append("\n").append("                                      evaluating TPartner: ").append(jArr[4] - jArr[3]).toString());
            }
            return z ? 1 : -1;
        } catch (Exception e3) {
            e3.printStackTrace();
            return 0;
        }
    }

    public boolean equals(byte[] bArr, byte[] bArr2) {
        if (bArr.length != bArr2.length) {
            return false;
        }
        for (int i = 0; i < bArr.length; i++) {
            if (bArr[i] != bArr2[i]) {
                return false;
            }
        }
        return true;
    }
}
