package com.jaspersoft.studio.server.protocol;

import com.jaspersoft.studio.server.messages.Messages;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import net.sf.jasperreports.eclipse.util.FileUtils;
import org.apache.axis.components.jms.JNDIVendorAdapter;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.x509.CRLDistPoint;
import org.bouncycastle.asn1.x509.DistributionPoint;
import org.bouncycastle.asn1.x509.DistributionPointName;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;

/* loaded from: input_file:com/jaspersoft/studio/server/protocol/CRLVerifier.class */
public class CRLVerifier {
    public static void verifyCertificateCRLs(X509Certificate x509Certificate) throws CertificateException {
        try {
            for (String str : getCrlDistributionPoints(x509Certificate)) {
                if (downloadCRL(str).isRevoked(x509Certificate)) {
                    throw new CertificateException(String.valueOf(Messages.CRLVerifier_0) + str);
                }
            }
        } catch (CertificateException e) {
            throw e;
        } catch (Exception unused) {
            throw new CertificateException(String.valueOf(Messages.CRLVerifier_1) + x509Certificate.getSubjectX500Principal());
        }
    }

    private static X509CRL downloadCRL(String str) throws IOException, CRLException, CertificateException, NamingException {
        if (str.startsWith(Messages.CRLVerifier_2) || str.startsWith("https://") || str.startsWith("ftp://")) {
            return downloadCRLFromWeb(str);
        }
        if (str.startsWith("ldap://")) {
            return downloadCRLFromLDAP(str);
        }
        throw new CertificateException(String.valueOf(Messages.CRLVerifier_6) + str);
    }

    private static X509CRL downloadCRLFromLDAP(String str) throws NamingException, CRLException, CertificateException {
        Map hashMap = new HashMap();
        hashMap.put(JNDIVendorAdapter.CONTEXT_FACTORY, Messages.CRLVerifier_7);
        hashMap.put(JNDIVendorAdapter.PROVIDER_URL, str);
        byte[] bArr = (byte[]) new InitialDirContext((Hashtable) hashMap).getAttributes("").get(Messages.CRLVerifier_9).get();
        if (bArr == null || bArr.length == 0) {
            throw new CertificateException(String.valueOf(Messages.CRLVerifier_10) + str);
        }
        return (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(new ByteArrayInputStream(bArr));
    }

    private static X509CRL downloadCRLFromWeb(String str) throws IOException, CertificateException, CRLException {
        InputStream openStream = new URL(str).openStream();
        try {
            return (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(openStream);
        } finally {
            FileUtils.closeStream(openStream);
        }
    }

    public static List<String> getCrlDistributionPoints(X509Certificate x509Certificate) throws IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue(Extension.cRLDistributionPoints.getId());
        if (extensionValue == null) {
            return new ArrayList();
        }
        ArrayList arrayList = new ArrayList();
        ASN1InputStream aSN1InputStream = null;
        ASN1InputStream aSN1InputStream2 = null;
        try {
            aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(extensionValue));
            aSN1InputStream2 = new ASN1InputStream(new ByteArrayInputStream(aSN1InputStream.readObject().getOctets()));
            for (DistributionPoint distributionPoint : CRLDistPoint.getInstance(aSN1InputStream2.readObject()).getDistributionPoints()) {
                DistributionPointName distributionPoint2 = distributionPoint.getDistributionPoint();
                if (distributionPoint2 != null && distributionPoint2.getType() == 0) {
                    GeneralName[] names = GeneralNames.getInstance(distributionPoint2.getName()).getNames();
                    for (int i = 0; i < names.length; i++) {
                        if (names[i].getTagNo() == 6) {
                            arrayList.add(DERIA5String.getInstance(names[i].getName()).getString());
                        }
                    }
                }
            }
            FileUtils.closeStream(aSN1InputStream);
            FileUtils.closeStream(aSN1InputStream2);
            return arrayList;
        } catch (Throwable th) {
            FileUtils.closeStream(aSN1InputStream);
            FileUtils.closeStream(aSN1InputStream2);
            throw th;
        }
    }
}
