package com.foilen.smalltools.crypt.cert;

import com.foilen.smalltools.exception.SmallToolsException;
import com.foilen.smalltools.tools.CloseableTools;
import java.io.FileReader;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x509.Certificate;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.util.io.pem.PemObject;
import org.spongycastle.util.io.pem.PemReader;

/* loaded from: input_file:com/foilen/smalltools/crypt/cert/RSATrustedCertificates.class */
public class RSATrustedCertificates {
    private Map<X500Name, List<RSACertificate>> trustedCertificatesBySubject = new HashMap();
    private Map<X500Name, List<RSACertificate>> intermediateCertificatesBySubject = new HashMap();

    public RSATrustedCertificates addIntermediateCertificate(Certificate... certificateArr) {
        for (Certificate certificate : certificateArr) {
            addIntermediateRsaCertificate(new RSACertificate(new X509CertificateHolder(certificate)));
        }
        return this;
    }

    public RSATrustedCertificates addIntermediateCertificate(Collection<Certificate> collection) {
        Iterator<Certificate> it = collection.iterator();
        while (it.hasNext()) {
            addIntermediateRsaCertificate(new RSACertificate(new X509CertificateHolder(it.next())));
        }
        return this;
    }

    public RSATrustedCertificates addIntermediateCertificateHolder(Collection<X509CertificateHolder> collection) {
        Iterator<X509CertificateHolder> it = collection.iterator();
        while (it.hasNext()) {
            addIntermediateRsaCertificate(new RSACertificate(it.next()));
        }
        return this;
    }

    public RSATrustedCertificates addIntermediateCertificateHolder(X509CertificateHolder... x509CertificateHolderArr) {
        for (X509CertificateHolder x509CertificateHolder : x509CertificateHolderArr) {
            addIntermediateRsaCertificate(new RSACertificate(x509CertificateHolder));
        }
        return this;
    }

    public RSATrustedCertificates addIntermediateFromPemFile(String str) {
        addToList(this.intermediateCertificatesBySubject, str);
        return this;
    }

    public RSATrustedCertificates addIntermediateRsaCertificate(Collection<RSACertificate> collection) {
        Iterator<RSACertificate> it = collection.iterator();
        while (it.hasNext()) {
            addToList(this.intermediateCertificatesBySubject, it.next());
        }
        return this;
    }

    public RSATrustedCertificates addIntermediateRsaCertificate(RSACertificate... rSACertificateArr) {
        for (RSACertificate rSACertificate : rSACertificateArr) {
            addToList(this.intermediateCertificatesBySubject, rSACertificate);
        }
        return this;
    }

    private void addToList(Map<X500Name, List<RSACertificate>> map, RSACertificate rSACertificate) {
        X500Name subject = rSACertificate.getCertificateHolder().getSubject();
        List<RSACertificate> list = map.get(subject);
        if (list == null) {
            list = new ArrayList();
            map.put(subject, list);
        }
        list.add(rSACertificate);
    }

    private void addToList(Map<X500Name, List<RSACertificate>> map, String str) {
        PemReader pemReader = null;
        try {
            try {
                pemReader = new PemReader(new FileReader(str));
                while (true) {
                    PemObject readPemObject = pemReader.readPemObject();
                    if (readPemObject == null) {
                        CloseableTools.close(pemReader);
                        return;
                    } else if ("CERTIFICATE".equals(readPemObject.getType())) {
                        RSACertificate rSACertificate = new RSACertificate();
                        rSACertificate.setCertificateHolder(new X509CertificateHolder(readPemObject.getContent()));
                        addToList(map, rSACertificate);
                    }
                }
            } catch (Exception e) {
                throw new SmallToolsException("Problem loading the certificates", e);
            }
        } catch (Throwable th) {
            CloseableTools.close(pemReader);
            throw th;
        }
    }

    public RSATrustedCertificates addTrustedCertificate(Certificate... certificateArr) {
        for (Certificate certificate : certificateArr) {
            addTrustedRsaCertificate(new RSACertificate(new X509CertificateHolder(certificate)));
        }
        return this;
    }

    public RSATrustedCertificates addTrustedCertificate(Collection<Certificate> collection) {
        Iterator<Certificate> it = collection.iterator();
        while (it.hasNext()) {
            addTrustedRsaCertificate(new RSACertificate(new X509CertificateHolder(it.next())));
        }
        return this;
    }

    public RSATrustedCertificates addTrustedCertificateHolder(Collection<X509CertificateHolder> collection) {
        Iterator<X509CertificateHolder> it = collection.iterator();
        while (it.hasNext()) {
            addTrustedRsaCertificate(new RSACertificate(it.next()));
        }
        return this;
    }

    public RSATrustedCertificates addTrustedCertificateHolder(X509CertificateHolder... x509CertificateHolderArr) {
        for (X509CertificateHolder x509CertificateHolder : x509CertificateHolderArr) {
            addTrustedRsaCertificate(new RSACertificate(x509CertificateHolder));
        }
        return this;
    }

    public RSATrustedCertificates addTrustedFromPemFile(String str) {
        addToList(this.trustedCertificatesBySubject, str);
        return this;
    }

    public RSATrustedCertificates addTrustedRsaCertificate(Collection<RSACertificate> collection) {
        Iterator<RSACertificate> it = collection.iterator();
        while (it.hasNext()) {
            addToList(this.trustedCertificatesBySubject, it.next());
        }
        return this;
    }

    public RSATrustedCertificates addTrustedRsaCertificate(RSACertificate... rSACertificateArr) {
        for (RSACertificate rSACertificate : rSACertificateArr) {
            addToList(this.trustedCertificatesBySubject, rSACertificate);
        }
        return this;
    }

    private RSACertificate findValidSignature(RSACertificate rSACertificate, Collection<RSACertificate> collection) {
        if (collection == null) {
            return null;
        }
        for (RSACertificate rSACertificate2 : collection) {
            if (rSACertificate.isValidSignature(rSACertificate2) && rSACertificate2.isValidDate()) {
                return rSACertificate2;
            }
        }
        return null;
    }

    public List<RSACertificate> getIntermediatesCertificates() {
        ArrayList arrayList = new ArrayList();
        Iterator<List<RSACertificate>> it = this.intermediateCertificatesBySubject.values().iterator();
        while (it.hasNext()) {
            arrayList.addAll(it.next());
        }
        return arrayList;
    }

    public List<RSACertificate> getTrustedCertificates() {
        ArrayList arrayList = new ArrayList();
        Iterator<List<RSACertificate>> it = this.trustedCertificatesBySubject.values().iterator();
        while (it.hasNext()) {
            arrayList.addAll(it.next());
        }
        return arrayList;
    }

    public boolean isTrusted(RSACertificate rSACertificate) {
        return isTrusted(rSACertificate, Collections.emptyList());
    }

    public boolean isTrusted(RSACertificate rSACertificate, Collection<RSACertificate> collection) {
        if (!rSACertificate.isValidDate()) {
            return false;
        }
        X500Name issuer = rSACertificate.getCertificateHolder().getIssuer();
        if (findValidSignature(rSACertificate, this.trustedCertificatesBySubject.get(issuer)) != null) {
            return true;
        }
        RSACertificate findValidSignature = findValidSignature(rSACertificate, this.intermediateCertificatesBySubject.get(issuer));
        if (findValidSignature != null) {
            return isTrusted(findValidSignature, collection);
        }
        RSACertificate findValidSignature2 = findValidSignature(rSACertificate, collection);
        if (findValidSignature2 != null) {
            return isTrusted(findValidSignature2, collection);
        }
        return false;
    }

    public boolean isTrusted(RSACertificate rSACertificate, RSACertificate... rSACertificateArr) {
        return isTrusted(rSACertificate, Arrays.asList(rSACertificateArr));
    }
}
