package org.wso2.solutions.identity.relyingparty.saml;

import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.apache.ws.security.components.crypto.X509NameTokenizer;
import org.wso2.solutions.identity.relyingparty.RelyingPartyException;

/* loaded from: input_file:org/wso2/solutions/identity/relyingparty/saml/IssuerCertificateUtil.class */
public class IssuerCertificateUtil {
    public static boolean checkSystemStoree(X509Certificate x509Certificate, KeyStore keyStore, KeyStore keyStore2) throws Exception {
        String name = x509Certificate.getIssuerDN().getName();
        x509Certificate.checkValidity();
        try {
            return keyStore2.containsAlias(name);
        } catch (Exception e) {
            throw new RelyingPartyException("errorLoadingTrustedKeystore", e);
        }
    }

    public static boolean doBlackListCheck(List[] listArr, X509Certificate x509Certificate) throws RelyingPartyException {
        boolean z = true;
        if (x509Certificate == null) {
            throw new RelyingPartyException("noCertInToken");
        }
        if (listArr == null) {
            z = true;
        } else {
            List dNOfIssuer = getDNOfIssuer(x509Certificate.getIssuerDN().getName());
            int i = 0;
            while (true) {
                if (i >= listArr.length) {
                    break;
                }
                if (dNOfIssuer.equals(listArr[i])) {
                    z = false;
                    break;
                }
                i++;
            }
        }
        return z;
    }

    public static boolean doWhiteListCheck(List[] listArr, X509Certificate x509Certificate) throws RelyingPartyException {
        boolean z = false;
        if (x509Certificate == null) {
            throw new RelyingPartyException("noCertInToken");
        }
        if (listArr != null) {
            List dNOfIssuer = getDNOfIssuer(x509Certificate.getIssuerDN().getName());
            int i = 0;
            while (true) {
                if (i >= listArr.length) {
                    break;
                }
                if (dNOfIssuer.equals(listArr[i])) {
                    z = true;
                    break;
                }
                i++;
            }
        }
        return z;
    }

    public static String getCNOfSubject(X509Certificate x509Certificate) {
        String name = x509Certificate.getIssuerDN().getName();
        if (!name.contains("CN=")) {
            return null;
        }
        int indexOf = name.indexOf("CN=");
        return name.substring(indexOf + 3, name.indexOf(",", indexOf)).trim();
    }

    public static List getDNOfIssuer(String str) {
        X509NameTokenizer x509NameTokenizer = new X509NameTokenizer(str);
        ArrayList arrayList = new ArrayList();
        while (x509NameTokenizer.hasMoreTokens()) {
            arrayList.add(x509NameTokenizer.nextToken());
        }
        Collections.sort(arrayList);
        return arrayList;
    }
}
