package com.sun.identity.security.cert;

import com.iplanet.am.util.Debug;
import com.iplanet.security.x509.X500Name;
import com.sun.identity.security.SecurityDebug;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import netscape.ldap.LDAPAttribute;
import netscape.ldap.LDAPAttributeSet;
import netscape.ldap.LDAPConnection;
import netscape.ldap.LDAPEntry;
import netscape.ldap.LDAPException;
import netscape.ldap.LDAPSearchResults;

/* JADX WARN: Classes with same name are omitted:
  input_file:119465-05/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/security/cert/AMCertStore.class
 */
/* loaded from: input_file:119465-05/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/security/cert/AMCertStore.class */
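/**
 * Looks up X.509 certificates in the LDAP directory described by an
 * {@link AMLDAPCertStoreParameters} instance.
 *
 * <p>Security note: {@link #getCertificate(X509Certificate)} only answers "is this exact
 * certificate registered in the directory". Nothing in this class builds a certification
 * path, checks the validity period or consults revocation data, so a match must not be
 * treated as proof that the certificate is currently trustworthy.
 *
 * <p>The cached connection field is read and written without synchronization.
 */
public class AMCertStore {
    // Directory location, credentials and search settings for this store.
    protected AMLDAPCertStoreParameters storeParam;
    // Connection created by getConnection() and reused by later calls.
    protected LDAPConnection ldapconn = null;
    protected X509Certificate certificate = null;
    // Shared "X.509" factory; stays null if the static initializer could not obtain one.
    protected static CertificateFactory cf;
    static final String amSecurity = "amSecurity";
    static Debug debug = SecurityDebug.debug;

    /**
     * Creates a store bound to the given directory parameters.
     *
     * @param aMLDAPCertStoreParameters server, credentials and search settings
     */
    public AMCertStore(AMLDAPCertStoreParameters aMLDAPCertStoreParameters) {
        this.storeParam = aMLDAPCertStoreParameters;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Returns the cached LDAP connection, creating, connecting and binding it on first use.
     *
     * @return the connection, or {@code null} when a secure connection was requested but
     *         its socket factory could not be obtained
     */
    public LDAPConnection getConnection() {
        if (this.ldapconn != null) {
            return this.ldapconn;
        }
        if (this.storeParam.isSecure()) {
            debug.message("Cert:  initial ldc  using ssl.");
            try {
                this.ldapconn = new LDAPConnection(this.storeParam.getSecureSocketFactory());
                debug.message("validate(): SSLSocketFactory called");
            } catch (Exception e) {
                debug.error("validate.JSSSocketFactory", e);
                // Fail closed. The original fell through and dereferenced the null
                // connection below; a secure store must never be downgraded to a
                // plaintext connection either, so report failure to the caller.
                return null;
            }
        } else {
            // Plain LDAP: the bind credentials below travel unencrypted on this path.
            this.ldapconn = new LDAPConnection();
        }
        try {
            this.ldapconn.connect(this.storeParam.getServerName(), this.storeParam.getPort());
            // 3 is the LDAP protocol version requested for the bind.
            this.ldapconn.authenticate(3, this.storeParam.getUser(), this.storeParam.getPassword());
        } catch (LDAPException e) {
            // A failed connect or bind to the certificate directory is an operational
            // and security-relevant event, so it is logged at error level rather than
            // only when message-level debugging is enabled.
            // NOTE(review): the connection object is still cached and returned, as
            // before. If connect succeeded and only the bind failed, later searches
            // run on an unbound session - confirm that is acceptable for callers.
            debug.error("Certificate: dircontext", e);
        }
        return this.ldapconn;
    }

    /**
     * Runs the configured search and returns the results only when at least one entry
     * is available.
     *
     * @param lDAPConnection connection to search on
     * @return a non-empty result set, or {@code null} when nothing matched or the
     *         search failed (including a {@code null} connection)
     */
    LDAPSearchResults getSearchResults(LDAPConnection lDAPConnection) {
        try {
            // NOTE(review): the filter is taken verbatim from storeParam. If it is
            // assembled from certificate fields or other request data, those values
            // must be escaped for LDAP filter syntax before they reach this point -
            // not verifiable from this file.
            // Scope 2 is a subtree search in the Netscape LDAP SDK; a null attribute
            // list with attrsOnly=false requests every attribute with its values.
            LDAPSearchResults search = lDAPConnection.search(
                    this.storeParam.getStartLoc(),
                    2,
                    this.storeParam.getSearchFilter(),
                    (String[]) null,
                    false);
            if (search != null && search.hasMoreElements()) {
                return search;
            }
            debug.error("No ldap Entry found !");
            return null;
        } catch (Exception e) {
            debug.error("Error in ldap search for " + this.storeParam.getSearchFilter());
            debug.error("" + e.toString());
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Returns the first entry produced by the configured search.
     *
     * @param lDAPConnection connection to search on
     * @return the first matching entry, or {@code null} when there is none or it could
     *         not be read
     */
    public LDAPEntry getLdapEntry(LDAPConnection lDAPConnection) {
        LDAPSearchResults results = getSearchResults(lDAPConnection);
        if (results == null) {
            // getSearchResults has already logged why there is nothing to return;
            // the original reached the same result through a caught NullPointerException.
            return null;
        }
        try {
            return results.next();
        } catch (Exception e) {
            // Keep the cause in the log instead of discarding it.
            debug.error("Error in getting Cached CRL", e);
            return null;
        }
    }

    /**
     * Searches the directory for a stored certificate equal to the one supplied.
     *
     * <p>Each entry's {@code usercertificate} attribute (or {@code usercertificate;binary}
     * when the former is absent) is decoded value by value and compared with
     * {@code equals}. Entries without either attribute and values that fail to decode
     * are skipped, so one bad directory entry no longer aborts the whole lookup.
     *
     * <p>This is a registration lookup only; it performs no path, validity or
     * revocation checks.
     *
     * @param x509Certificate certificate to look for
     * @return the matching certificate decoded from the directory, or {@code null} when
     *         there is no match, the argument is {@code null}, or the lookup failed
     */
    public X509Certificate getCertificate(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            return null;
        }
        if (cf == null) {
            // The static initializer could not obtain an X.509 factory.
            debug.error("Certificate - X.509 CertificateFactory is not available");
            return null;
        }
        try {
            LDAPSearchResults searchResults = getSearchResults(getConnection());
            if (searchResults == null) {
                return null;
            }
            while (searchResults.hasMoreElements()) {
                LDAPAttributeSet attributeSet = searchResults.next().getAttributeSet();
                LDAPAttribute attribute = attributeSet.getAttribute("usercertificate");
                if (attribute == null) {
                    attribute = attributeSet.getAttribute("usercertificate;binary");
                }
                if (attribute == null) {
                    // The original logged this and then dereferenced the null attribute,
                    // which ended the search for every remaining entry.
                    debug.message("Certificate - get usercertificate is null ");
                    continue;
                }
                Enumeration byteValues = attribute.getByteValues();
                while (byteValues.hasMoreElements()) {
                    byte[] encoded = (byte[]) byteValues.nextElement();
                    X509Certificate candidate = null;
                    try {
                        candidate = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(encoded));
                    } catch (CertificateException e) {
                        // generateCertificate is declared to throw CertificateException;
                        // catching only the parsing subclass let any other decoding
                        // failure abort the lookup instead of skipping the bad value.
                        debug.error("Error in Certificate parsing : ", e);
                    }
                    if (candidate != null && x509Certificate.equals(candidate)) {
                        return candidate;
                    }
                }
            }
            return null;
        } catch (Exception e) {
            debug.error("Certificate - Error finding registered certificate = ", e);
            return null;
        }
    }

    /**
     * Converts the issuer name of a certificate to an {@link X500Name}.
     *
     * <p>Only {@link IOException} is handled here; any other runtime failure (for
     * example a {@code null} certificate) propagates to the caller, unlike
     * {@link #getSubjectDN(X509Certificate)}.
     *
     * @param x509Certificate certificate whose issuer is wanted
     * @return the issuer name, or {@code null} when it could not be decoded
     * @throws IOException declared for callers; the decoding failure itself is logged
     */
    public static X500Name getIssuerDN(X509Certificate x509Certificate) throws IOException {
        X500Name x500Name = null;
        try {
            // NOTE(review): java.security.Principal, the declared return type of
            // getIssuerDN(), has no getEncoded(); this expression is kept exactly as
            // decompiled. getIssuerX500Principal().getEncoded() is presumably what is
            // intended - confirm against the original sources.
            x500Name = new X500Name(x509Certificate.getIssuerDN().getEncoded());
        } catch (IOException e) {
            debug.error("Error in getting issuer DN : " + e.toString());
        }
        return x500Name;
    }

    /**
     * Converts the subject name of a certificate to an {@link X500Name}.
     *
     * <p>Every exception is caught and logged, so a {@code null} certificate yields
     * {@code null} rather than an exception.
     *
     * @param x509Certificate certificate whose subject is wanted
     * @return the subject name, or {@code null} when it could not be obtained
     * @throws IOException declared for callers; failures are logged, not rethrown
     */
    public static X500Name getSubjectDN(X509Certificate x509Certificate) throws IOException {
        X500Name x500Name = null;
        try {
            // NOTE(review): same caveat as getIssuerDN - Principal declares no
            // getEncoded(); kept as decompiled, confirm against the original sources.
            x500Name = new X500Name(x509Certificate.getSubjectDN().getEncoded());
        } catch (Exception e) {
            debug.error("Error in getting subject DN : " + e.toString());
        }
        return x500Name;
    }

    // Obtain the shared X.509 factory once. On failure cf stays null and
    // getCertificate() reports that it cannot decode directory values.
    static {
        cf = null;
        try {
            cf = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e) {
            debug.error("" + e.toString());
        }
    }
}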
