package com.yoti.api.client.spi.remote;

import com.google.protobuf.ByteString;
import com.google.protobuf.InvalidProtocolBufferException;
import com.yoti.api.client.Anchor;
import com.yoti.api.client.SignedTimestamp;
import com.yoti.api.client.spi.remote.call.YotiConstants;
import com.yoti.api.client.spi.remote.proto.AttrProto;
import com.yoti.api.client.spi.remote.proto.SignedTimestampProto;
import com.yoti.api.client.spi.remote.util.AnchorType;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DEROctetString;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/yoti/api/client/spi/remote/AnchorConverter.class */
public class AnchorConverter {
    private static final Logger LOG = LoggerFactory.getLogger(AnchorConverter.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/yoti/api/client/spi/remote/AnchorConverter$AnchorTypeAndValue.class */
    public static class AnchorTypeAndValue {
        private final AnchorType anchorType;
        private final String value;

        private AnchorTypeAndValue(AnchorType anchorType, String str) {
            this.anchorType = anchorType;
            this.value = str;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Anchor convert(AttrProto.Anchor anchor) throws CertificateException, IOException {
        List<X509Certificate> convertCertificates = convertCertificates(anchor);
        AnchorTypeAndValue determineAnchorType = determineAnchorType(convertCertificates);
        return new SimpleAnchor(determineAnchorType.anchorType.name(), anchor.getSubType(), determineAnchorType.value, convertCertificates, convertSignedTimestamp(anchor.getSignedTimeStamp()));
    }

    private List<X509Certificate> convertCertificates(AttrProto.Anchor anchor) throws CertificateException {
        ArrayList arrayList = new ArrayList();
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        Iterator<ByteString> it = anchor.getOriginServerCertsList().iterator();
        while (it.hasNext()) {
            arrayList.add((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(it.next().toByteArray())));
        }
        return arrayList;
    }

    private AnchorTypeAndValue determineAnchorType(List<X509Certificate> list) throws IOException {
        for (X509Certificate x509Certificate : list) {
            for (AnchorType anchorType : AnchorType.values()) {
                String findExtension = findExtension(x509Certificate, anchorType);
                if (findExtension != null) {
                    return new AnchorTypeAndValue(anchorType, findExtension);
                }
            }
        }
        return new AnchorTypeAndValue(AnchorType.UNKNOWN, "");
    }

    private String findExtension(X509Certificate x509Certificate, AnchorType anchorType) throws IOException {
        DEROctetString fromByteArray;
        byte[] extensionValue = x509Certificate.getExtensionValue(anchorType.extensionOid);
        if (extensionValue == null || (fromByteArray = ASN1Primitive.fromByteArray(extensionValue)) == null || !(fromByteArray instanceof DEROctetString)) {
            return null;
        }
        Enumeration objects = ASN1Primitive.fromByteArray(fromByteArray.getOctets()).getObjects();
        if (!objects.hasMoreElements()) {
            return null;
        }
        String str = new String(DEROctetString.getInstance((ASN1TaggedObject) objects.nextElement(), false).getOctets(), YotiConstants.DEFAULT_CHARSET);
        LOG.debug("Anchor certificate type: '{}' for extension: {}", str, anchorType.extensionOid);
        return str;
    }

    private SignedTimestamp convertSignedTimestamp(ByteString byteString) throws InvalidProtocolBufferException {
        SignedTimestampProto.SignedTimestamp parseFrom = SignedTimestampProto.SignedTimestamp.parseFrom(byteString);
        return new SignedTimestampValue(parseFrom.getVersion(), DateTimeValue.from(parseFrom.getTimestamp()));
    }
}
