package com.logica.security.device;

import com.logica.apps.ivs.client.manager.PKIMgrError;
import com.logica.security.device.CryptoDevice;
import com.logica.security.util.CDnameParser;
import java.security.cert.X509Certificate;
import java.util.Comparator;
import java.util.Map;

/* loaded from: input_file:com/logica/security/device/CertIDCryptoDevice.class */
public abstract class CertIDCryptoDevice extends PrivateKeyCryptoDevice {
    protected static final String CERT_ID_SEPARATOR = "|";
    protected static final Comparator<X509Certificate> CERT_NOT_AFTER_COMPARATOR = new Comparator<X509Certificate>() { // from class: com.logica.security.device.CertIDCryptoDevice.1
        /* renamed from: compare, reason: avoid collision after fix types in other method */
        public int compare2(X509Certificate x509Certificate, X509Certificate x509Certificate2) {
            return x509Certificate.getNotAfter().compareTo(x509Certificate2.getNotAfter());
        }

        @Override // java.util.Comparator
        public int compare(X509Certificate x509Certificate, X509Certificate x509Certificate2) {
            return compare2(x509Certificate, x509Certificate2);
        }
    };
    private boolean m_CertIdExactMatch = true;

    /* loaded from: input_file:com/logica/security/device/CertIDCryptoDevice$CertIdKeyPairFinder.class */
    protected abstract class CertIdKeyPairFinder<E> extends CryptoDevice.KeyPairFinder<E, X509Certificate> {
        private final CertIDCryptoDevice this$0;

        /* JADX INFO: Access modifiers changed from: protected */
        public CertIdKeyPairFinder(CertIDCryptoDevice certIDCryptoDevice) {
            this.this$0 = certIDCryptoDevice;
        }

        @Override // com.logica.security.device.CryptoDevice.KeyPairFinder
        public boolean finished(Map<X509Certificate, E> map) {
            return !map.isEmpty() && this.this$0.doCertIdExactMatch();
        }

        @Override // com.logica.security.device.CryptoDevice.KeyPairFinder
        public Comparator<X509Certificate> getComparator() {
            return CertIDCryptoDevice.CERT_NOT_AFTER_COMPARATOR;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String matchCertId(String str, X509Certificate x509Certificate) {
        if (str == null) {
            throw new NullPointerException("expCertId cannot be null");
        }
        if (x509Certificate == null) {
            throw new NullPointerException("toMatch cannot be null");
        }
        String certId = getCertId(x509Certificate);
        if (doCertIdExactMatch()) {
            if (certId.equals(str)) {
                return certId;
            }
            return null;
        }
        if (certId.startsWith(str)) {
            return certId;
        }
        return null;
    }

    public static String getCertId(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            throw new NullPointerException("cert cannot be null");
        }
        try {
            String cNfromDN = CDnameParser.getInstance().getCNfromDN(x509Certificate.getSubjectDN().getName());
            String bigInteger = x509Certificate.getSerialNumber().toString();
            boolean[] keyUsage = x509Certificate.getKeyUsage();
            String str = PKIMgrError.NO_ERROR_MESSAGE;
            if (keyUsage != null) {
                for (boolean z : keyUsage) {
                    str = z ? new StringBuffer().append(str).append("1").toString() : new StringBuffer().append(str).append("0").toString();
                }
            } else {
                str = "000000000";
            }
            return cNfromDN + "|" + bigInteger + "|" + str;
        } catch (Exception e) {
            throw new IllegalArgumentException(new StringBuffer().append("failed to get CN from DName due to - ").append(e).toString(), e);
        }
    }

    protected boolean doCertIdExactMatch() {
        return this.m_CertIdExactMatch;
    }

    protected final void setCertIDExactMatch(boolean z) {
        this.m_CertIdExactMatch = z;
    }
}
