package de.rub.nds.x509attacker.x509;

import de.rub.nds.asn1.Asn1Encodable;
import de.rub.nds.asn1.encoder.Asn1EncoderForX509;
import de.rub.nds.asn1.model.Asn1Sequence;
import de.rub.nds.asn1.model.KeyInfo;
import de.rub.nds.asn1.model.SignatureInfo;
import de.rub.nds.asn1.parser.IntermediateAsn1Field;
import de.rub.nds.modifiablevariable.HoldsModifiableVariable;
import de.rub.nds.modifiablevariable.bytearray.ByteArrayExplicitValueModification;
import de.rub.nds.x509attacker.X509Attributes;
import de.rub.nds.x509attacker.filesystem.CertificateFileWriter;
import de.rub.nds.x509attacker.identifiermap.IdentifierMap;
import de.rub.nds.x509attacker.linker.Linker;
import de.rub.nds.x509attacker.x509.serializer.X509CertificateSerializer;
import de.rub.nds.x509attacker.xmlsignatureengine.XmlSignatureEngine;
import de.rub.nds.x509attacker.xmlsignatureengine.XmlSignatureEngineException;
import jakarta.xml.bind.JAXBException;
import jakarta.xml.bind.annotation.XmlAccessType;
import jakarta.xml.bind.annotation.XmlAccessorType;
import jakarta.xml.bind.annotation.XmlRootElement;
import java.io.File;
import java.io.IOException;
import java.util.Arrays;
import java.util.LinkedList;
import java.util.List;
import java.util.UUID;
import java.util.stream.Collectors;
import javax.xml.stream.XMLStreamException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

@XmlRootElement
@XmlAccessorType(XmlAccessType.FIELD)
/* loaded from: input_file:de/rub/nds/x509attacker/x509/X509Certificate.class */
public class X509Certificate {
    private static final Logger LOGGER = LogManager.getLogger(X509Certificate.class);

    @HoldsModifiableVariable
    private Asn1Sequence certificate;
    private SignatureInfo signatureInfo;
    private KeyInfo keyInfo;

    public static X509Certificate getInstance(List<IntermediateAsn1Field> list) {
        return new X509Certificate(list);
    }

    private X509Certificate(List<IntermediateAsn1Field> list) {
        if (list.size() == 1) {
            this.certificate = Certificate.getInstance(list.get(0), "certificate").asn1;
        }
        this.certificate.setAttribute(X509Attributes.ATTACH_TO_CERTIFICATE_LIST, "true");
        this.signatureInfo = new SignatureInfo();
        this.signatureInfo.setToBeSignedIdentifiers(Arrays.asList("/certificate/tbsCertificate"));
        this.signatureInfo.setSignatureValueTargetIdentifier("/certificate/signatureValue");
        this.signatureInfo.setKeyInfoIdentifier("");
        this.signatureInfo.setSignatureAlgorithmOidIdentifier("/certificate/signatureAlgorithm/algorithm");
        this.signatureInfo.setParametersIdentifier("/certificate/signatureAlgorithm/parameters");
        this.signatureInfo.setIdentifier("signatureInfo");
        this.signatureInfo.setType("SignatureInfo");
        this.keyInfo = new KeyInfo();
        this.keyInfo.setKeyFileName("");
        this.keyInfo.setIdentifier("keyInfo");
        this.keyInfo.setType("KeyInfo");
        getIdentifierMap().getElementByIDPath("/certificate/tbsCertificate/subjectPublicKeyInfo").setAttribute(X509Attributes.FROM_IDENTIFIER, "/keyInfo");
        UUID randomUUID = UUID.randomUUID();
        for (String str : (List) getIdentifierMap().getIDPathsByType("AttributeTypeAndValue").stream().filter(str2 -> {
            return str2.contains("subject");
        }).collect(Collectors.toList())) {
            if (getIdentifierMap().getElementByIDPath(str + "/type").getValue().equals("2.5.4.3")) {
                getIdentifierMap().getElementByIDPath(str + "/value").getContent().setModification(new ByteArrayExplicitValueModification(randomUUID.toString().split("-")[0].getBytes()));
            }
        }
    }

    public X509Certificate() {
    }

    public List<Asn1Encodable> getAsn1Encodables() {
        return getAsn1Encodables(false);
    }

    public List<Asn1Encodable> getAsn1Encodables(boolean z) {
        LinkedList linkedList = new LinkedList();
        if (z) {
            linkedList.add(this.certificate);
        } else {
            linkedList.add(this.certificate);
            linkedList.add(this.signatureInfo);
            linkedList.add(this.keyInfo);
        }
        return linkedList;
    }

    public final IdentifierMap getIdentifierMap() {
        return new IdentifierMap(getAsn1Encodables());
    }

    public final IdentifierMap getIdentifierMap(boolean z) {
        return new IdentifierMap(getAsn1Encodables(z));
    }

    public Linker getLinker() {
        return new Linker(getIdentifierMap().getMap());
    }

    public SignatureInfo getSignatureInfo() {
        return this.signatureInfo;
    }

    public void setSignatureInfo(SignatureInfo signatureInfo) {
        this.signatureInfo = signatureInfo;
    }

    public KeyInfo getKeyInfo() {
        return this.keyInfo;
    }

    public void setKeyInfo(KeyInfo keyInfo) {
        this.keyInfo = keyInfo;
    }

    public void setKeyFile(File file) throws IOException {
        this.keyInfo.setKeyFile(file);
    }

    public Asn1Sequence getCertificate() {
        return this.certificate;
    }

    public File writeCertificate(String str, String str2) {
        try {
            String str3 = str2 + ".pem";
            CertificateFileWriter certificateFileWriter = new CertificateFileWriter(str, str3);
            certificateFileWriter.writeCertificate(getEncodedCertificate());
            certificateFileWriter.close();
            return new File(str + "/" + str3);
        } catch (IOException e) {
            LOGGER.warn("Error writing Certificate to PEM: " + e);
            return null;
        }
    }

    public byte[] getEncodedCertificate() {
        return Asn1EncoderForX509.encodeForCertificate(getLinker(), getAsn1Encodables());
    }

    public void signCertificate(KeyInfo keyInfo) throws XmlSignatureEngineException {
        new XmlSignatureEngine(getLinker(), getIdentifierMap().getMap()).computeSignature(keyInfo);
    }

    public X509Certificate getCopy() throws JAXBException, IOException, XMLStreamException {
        return X509CertificateSerializer.copyX509Certificate(this);
    }

    public String getEffectiveSignatureOID() {
        String signatureAlgorithmOidValue = this.signatureInfo.getSignatureAlgorithmOidValue();
        if (signatureAlgorithmOidValue == null || signatureAlgorithmOidValue.isEmpty()) {
            try {
                signatureAlgorithmOidValue = getIdentifierMap().getElementByIDPath(this.signatureInfo.getSignatureAlgorithmOidIdentifier().trim()).getValue();
            } catch (Throwable th) {
                LOGGER.warn("getEffectiveSignatureOID(): could not recognize the effective SignatureOID: " + th);
                return null;
            }
        }
        return signatureAlgorithmOidValue.trim();
    }
}
