package kz.documentolog.applets;

import java.io.IOException;
import java.security.cert.X509Certificate;
import javafx.scene.control.ButtonBar;
import kz.gov.pki.kalkan.asn1.ASN1Object;
import kz.gov.pki.kalkan.asn1.DERObjectIdentifier;
import kz.gov.pki.kalkan.asn1.DEROctetString;
import kz.gov.pki.kalkan.asn1.DERSequence;
import kz.gov.pki.reference.KNCAOids;
import org.apache.log4j.Logger;

/* loaded from: input_file:kz/documentolog/applets/X509CertificateInfo.class */
public class X509CertificateInfo {
    public static String getInfo(X509Certificate x509Certificate, String str) throws Throwable {
        String institutionType;
        if (str.equals("all")) {
            institutionType = (((((((ButtonBar.BUTTON_ORDER_NONE + "issuer-:-" + getIssuerDN(x509Certificate) + "-;-") + "subject-:-" + getSubjectDN(x509Certificate) + "-;-") + "not_after-:-" + getNotAfter(x509Certificate) + "-;-") + "not_before-:-" + getNotBefore(x509Certificate) + "-;-") + "oid-:-" + checkExtendedKeyUsage(x509Certificate, "2.5.29.37") + "-;-") + "serial_number-:-" + getSerialNumber(x509Certificate) + "-;-") + "certificate_type-:-" + getCertificateType(x509Certificate) + "-;-") + "institution_type-:-" + getInstitutionType(x509Certificate) + "-;-";
        } else if (str.equals("issuer")) {
            institutionType = getIssuerDN(x509Certificate);
        } else if (str.equals("subject")) {
            institutionType = getSubjectDN(x509Certificate);
        } else if (str.equals("not_after")) {
            institutionType = getNotAfter(x509Certificate);
        } else if (str.equals("not_before")) {
            institutionType = getNotBefore(x509Certificate);
        } else if (str.equals("serial_number")) {
            institutionType = getSerialNumber(x509Certificate);
        } else if (str.equals("oid")) {
            institutionType = checkExtendedKeyUsage(x509Certificate, "2.5.29.37");
        } else if (str.equals("certificate_type")) {
            institutionType = getCertificateType(x509Certificate);
        } else {
            if (!str.equals("institution_type_string")) {
                return "false";
            }
            institutionType = getInstitutionType(x509Certificate);
        }
        return institutionType;
    }

    public static String getIssuerDN(X509Certificate x509Certificate) {
        return x509Certificate.getIssuerDN().getName();
    }

    public static String getSubjectDN(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().getName();
    }

    public static String getNotAfter(X509Certificate x509Certificate) {
        return x509Certificate.getNotAfter().toString();
    }

    public static String getNotBefore(X509Certificate x509Certificate) {
        return x509Certificate.getNotBefore().toString();
    }

    public static String getSerialNumber(X509Certificate x509Certificate) {
        return x509Certificate.getSerialNumber().toString();
    }

    public static String checkExtendedKeyUsage(X509Certificate x509Certificate, String str) throws IOException {
        try {
            return ((DERObjectIdentifier) ((DERSequence) DERSequence.fromByteArray(((DEROctetString) ASN1Object.fromByteArray(x509Certificate.getExtensionValue(str))).getOctets())).getObjectAt(2)).getId();
        } catch (Exception e) {
            return ButtonBar.BUTTON_ORDER_NONE;
        }
    }

    public static String getCertificateType(X509Certificate x509Certificate) {
        return getSubjectDN(x509Certificate).contains("OU=") ? "institution" : "individual";
    }

    public static String getInstitutionType(X509Certificate x509Certificate) {
        try {
            String checkExtendedKeyUsage = checkExtendedKeyUsage(x509Certificate, "2.5.29.37");
            boolean z = -1;
            switch (checkExtendedKeyUsage.hashCode()) {
                case -1949761101:
                    if (checkExtendedKeyUsage.equals(KNCAOids.KNCA_COMPANY_HEAD)) {
                        z = false;
                        break;
                    }
                    break;
                case -1949761100:
                    if (checkExtendedKeyUsage.equals(KNCAOids.KNCA_COMPANY_AUTHORIZED_TO_SIGN)) {
                        z = true;
                        break;
                    }
                    break;
                case -1949761099:
                    if (checkExtendedKeyUsage.equals(KNCAOids.KNCA_COMPANY_AUTHORIZED_TO_SIGN_FIN_DOCS)) {
                        z = 2;
                        break;
                    }
                    break;
                case -1949761098:
                    if (checkExtendedKeyUsage.equals(KNCAOids.KNCA_COMPANY_HR)) {
                        z = 3;
                        break;
                    }
                    break;
                case -1949761097:
                    if (checkExtendedKeyUsage.equals(KNCAOids.KNCA_COMPANY_EMPLOYEE)) {
                        z = 4;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    return "Первый руководитель юридического лица, имеющий право подписи";
                case true:
                    return "Лицо, наделенное правом подписи";
                case true:
                    return "Лицо, наделенное правом подписи финансовых документов";
                case true:
                    return "Сотрудник отдела кадров, наделенный правом подтверждать заявки на выпуск регистрационных свидетельств поданные от сотрудников юридического лица";
                case true:
                    return "Сотрудник организации";
                default:
                    return ButtonBar.BUTTON_ORDER_NONE;
            }
        } catch (IOException e) {
            Logger.getLogger(X509CertificateInfo.class.getName()).error(e.getMessage(), e);
            return ButtonBar.BUTTON_ORDER_NONE;
        }
    }
}
