package org.mozilla.jss.tests;

import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.util.ArrayList;
import java.util.Iterator;
import org.mozilla.jss.CryptoManager;
import org.mozilla.jss.pkix.cert.Certificate;
import org.mozilla.jss.util.Password;

/* JADX WARN: Classes with same name are omitted:
  input_file:115924-10/SUNWjss/reloc/usr/share/lib/mps/secv1/jss3.jar:org/mozilla/jss/tests/VerifyCert.class
 */
/* loaded from: input_file:115924-10/SUNWjssx/reloc/usr/share/lib/mps/secv1/sparcv9/jss3.jar:org/mozilla/jss/tests/VerifyCert.class */
public class VerifyCert {
    public void showCert(String str) {
        try {
            ((Certificate) Certificate.getTemplate().decode(new BufferedInputStream(new FileInputStream(str)))).getInfo().print(System.out);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private void usage() {
        System.out.println("Usage: java org.mozilla.jss.tests.VerifyCert");
        System.out.println("\noptions:\n\n<dbdir> <passwd> <nicknameOfCertinDB> <OCSPResponderURL> <OCSPCertNickname>\n");
        System.out.println("<dbdir> <passwd> <DerEncodeCertFile> <OCSPResponderURL> <OCSPCertNickname>\n");
        System.out.println("Note: <OCSPResponderURL> and <OCSPCertNickname> are optional.\n      But if used, both Url/nickname must be specified.");
    }

    public static void main(String[] strArr) {
        try {
            VerifyCert verifyCert = new VerifyCert();
            if (strArr.length < 3) {
                verifyCert.usage();
                return;
            }
            String str = strArr[0];
            String str2 = strArr[1];
            String str3 = strArr[2];
            String str4 = null;
            String str5 = null;
            if (strArr.length == 4 || strArr.length > 5) {
                verifyCert.usage();
            } else if (strArr.length == 5) {
                str4 = strArr[3];
                str5 = strArr[4];
            }
            CryptoManager.InitializationValues initializationValues = new CryptoManager.InitializationValues(str);
            initializationValues.ocspCheckingEnabled = true;
            if (str4 != null && str5 != null) {
                initializationValues.ocspResponderCertNickname = str5;
                initializationValues.ocspResponderURL = str4;
            }
            CryptoManager.initialize(initializationValues);
            CryptoManager cryptoManager = CryptoManager.getInstance();
            cryptoManager.setPasswordCallback(new Password(str2.toCharArray()));
            try {
                FileInputStream fileInputStream = new FileInputStream(str3);
                byte[] bArr = new byte[fileInputStream.available()];
                fileInputStream.read(bArr);
                verifyCert.showCert(str3);
                verifyCert.validateDerCert(bArr, cryptoManager);
            } catch (FileNotFoundException e) {
                verifyCert.validateCertInDB(str3, cryptoManager);
            }
        } catch (Exception e2) {
            e2.printStackTrace();
        }
    }

    public void validateDerCert(byte[] bArr, CryptoManager cryptoManager) {
        ArrayList arrayList = new ArrayList();
        try {
            Iterator certUsages = CryptoManager.CertUsage.getCertUsages();
            while (certUsages.hasNext()) {
                CryptoManager.CertUsage certUsage = (CryptoManager.CertUsage) certUsages.next();
                if (!certUsage.equals(CryptoManager.CertUsage.UserCertImport) && !certUsage.equals(CryptoManager.CertUsage.ProtectedObjectSigner) && !certUsage.equals(CryptoManager.CertUsage.AnyCA) && cryptoManager.isCertValid(bArr, true, certUsage)) {
                    arrayList.add(certUsage.toString());
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (arrayList.isEmpty()) {
            System.out.println("The certificate is not valid.");
            return;
        }
        System.out.println("The certificate is valid for the following usages:\n");
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            System.out.println(new StringBuffer().append("                       ").append(it.next()).toString());
        }
    }

    public void validateCertInDB(String str, CryptoManager cryptoManager) {
        ArrayList arrayList = new ArrayList();
        try {
            Iterator certUsages = CryptoManager.CertUsage.getCertUsages();
            while (certUsages.hasNext()) {
                CryptoManager.CertUsage certUsage = (CryptoManager.CertUsage) certUsages.next();
                if (!certUsage.equals(CryptoManager.CertUsage.UserCertImport) && !certUsage.equals(CryptoManager.CertUsage.ProtectedObjectSigner) && !certUsage.equals(CryptoManager.CertUsage.AnyCA) && cryptoManager.isCertValid(str, true, certUsage)) {
                    arrayList.add(certUsage.toString());
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (arrayList.isEmpty()) {
            System.out.println("The certificate is not valid.");
            return;
        }
        System.out.println("The certificate is valid for the following usages:\n");
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            System.out.println(new StringBuffer().append("                       ").append(it.next()).toString());
        }
    }
}
