package org.openoces.ooapi.certificate;

import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.HashMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.openoces.ooapi.ObjectIdentifiers;
import org.openoces.ooapi.exceptions.NonOcesCertificateException;
import org.openoces.ooapi.utils.X509CertificatePropertyExtrator;

/* loaded from: input_file:org/openoces/ooapi/certificate/PKILightPKICertificate.class */
public class PKILightPKICertificate implements Certificate {
    private static final long serialVersionUID = -1038427028480385039L;
    private static final Pattern subjectSerialNumberRegExp = Pattern.compile("^CVR:(\\d{8})\\-UID:(.+){1,47}$");
    protected X509Certificate certificate;
    private CA issuingCA;

    /* JADX INFO: Access modifiers changed from: protected */
    public PKILightPKICertificate(X509Certificate x509Certificate, CA ca) {
        this.certificate = x509Certificate;
        setIssuingCa(ca);
    }

    public void setIssuingCa(CA ca) {
        this.issuingCA = ca;
    }

    @Override // org.openoces.ooapi.certificate.CertificateChainElement
    public CA getSigningCA() {
        return this.issuingCA;
    }

    public CertificateStatus validityStatus() {
        return validityStatus(new Date());
    }

    public CertificateStatus validityStatus(Date date) {
        try {
            this.certificate.checkValidity(date);
            return CertificateStatus.VALID;
        } catch (CertificateExpiredException e) {
            return CertificateStatus.EXPIRED;
        } catch (CertificateNotYetValidException e2) {
            return CertificateStatus.NOT_YET_VALID;
        }
    }

    public String getSubjectDistinguishedName() {
        return getSubjectDistinguishedName("RFC2253");
    }

    public String getSubjectDistinguishedName(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put(ObjectIdentifiers.SERIAL_NUMBER, "serialnumber");
        return this.certificate.getSubjectX500Principal().getName(str, hashMap);
    }

    public String getSubjectCN() {
        return X509CertificatePropertyExtrator.getSubjectCommonName(this.certificate);
    }

    public String getEmailAddress() {
        return X509CertificatePropertyExtrator.getEmailAddress(this.certificate);
    }

    public String getSubjectSerialNumber() {
        return X509CertificatePropertyExtrator.getSubjectSerialNumber(this.certificate);
    }

    public String getUid() throws NonOcesCertificateException {
        return extractIdFromSubjectSerialNumber(2);
    }

    public String getCvr() throws NonOcesCertificateException {
        return extractIdFromSubjectSerialNumber(1);
    }

    private String extractIdFromSubjectSerialNumber(int i) {
        String subjectSerialNumber = getSubjectSerialNumber();
        Matcher matcher = subjectSerialNumberRegExp.matcher(subjectSerialNumber);
        if (matcher.matches()) {
            return matcher.group(i);
        }
        throw new NonOcesCertificateException("No UID number present in subject serialnumber, subject serialnumber is " + subjectSerialNumber);
    }

    public X509Certificate exportCertificate() {
        return this.certificate;
    }
}
