package org.xipki.ca.api;

import java.math.BigInteger;
import java.util.Arrays;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.xipki.security.X509Cert;
import org.xipki.security.util.X509Util;
import org.xipki.util.Args;
import org.xipki.util.ConfPairs;
import org.xipki.util.exception.ErrorCode;
import org.xipki.util.exception.OperationException;

/* loaded from: input_file:org/xipki/ca/api/PublicCaInfo.class */
public class PublicCaInfo {
    private final X500Name subject;
    private final String c14nSubject;
    private final byte[] subjectKeyIdentifier;
    private final GeneralNames subjectAltName;
    private final X500Name issuer;
    private final BigInteger serialNumber;
    private final X509Cert caCert;
    private X509Cert crlSignerCert;
    private final CaUris caUris;
    private final ConfPairs extraControl;

    public PublicCaInfo(X509Cert x509Cert, CaUris caUris, ConfPairs confPairs) throws OperationException {
        this.caCert = (X509Cert) Args.notNull(x509Cert, "caCert");
        this.caUris = caUris == null ? CaUris.EMPTY_INSTANCE : caUris;
        this.issuer = x509Cert.getIssuer();
        this.serialNumber = x509Cert.getSerialNumber();
        this.subject = x509Cert.getSubject();
        this.c14nSubject = X509Util.canonicalizeName(this.subject);
        this.subjectKeyIdentifier = x509Cert.getSubjectKeyId();
        this.extraControl = confPairs;
        byte[] extensionCoreValue = x509Cert.getExtensionCoreValue(Extension.subjectAlternativeName);
        if (extensionCoreValue == null) {
            this.subjectAltName = null;
        } else {
            try {
                this.subjectAltName = GeneralNames.getInstance(extensionCoreValue);
            } catch (RuntimeException e) {
                throw new OperationException(ErrorCode.INVALID_EXTENSION, "invalid SubjectAltName extension in CA certificate");
            }
        }
    }

    public PublicCaInfo(X500Name x500Name, X500Name x500Name2, BigInteger bigInteger, GeneralNames generalNames, byte[] bArr, CaUris caUris, ConfPairs confPairs) {
        this.subject = (X500Name) Args.notNull(x500Name, "subject");
        this.issuer = (X500Name) Args.notNull(x500Name2, "issuer");
        this.serialNumber = (BigInteger) Args.notNull(bigInteger, "serialNumber");
        this.caUris = caUris == null ? CaUris.EMPTY_INSTANCE : caUris;
        this.caCert = null;
        this.c14nSubject = X509Util.canonicalizeName(x500Name);
        this.subjectKeyIdentifier = bArr == null ? null : Arrays.copyOf(bArr, bArr.length);
        this.subjectAltName = generalNames;
        this.extraControl = confPairs;
    }

    public CaUris getCaUris() {
        return this.caUris;
    }

    public X509Cert getCrlSignerCert() {
        return this.crlSignerCert;
    }

    public void setCrlSignerCert(X509Cert x509Cert) {
        this.crlSignerCert = this.caCert.equals(x509Cert) ? null : x509Cert;
    }

    public X500Name getSubject() {
        return this.subject;
    }

    public X500Name getIssuer() {
        return this.issuer;
    }

    public String getC14nSubject() {
        return this.c14nSubject;
    }

    public GeneralNames getSubjectAltName() {
        return this.subjectAltName;
    }

    public byte[] getSubjectKeyIdentifer() {
        if (this.subjectKeyIdentifier == null) {
            return null;
        }
        return Arrays.copyOf(this.subjectKeyIdentifier, this.subjectKeyIdentifier.length);
    }

    public BigInteger getSerialNumber() {
        return this.serialNumber;
    }

    public X509Cert getCaCert() {
        return this.caCert;
    }

    public ConfPairs getExtraControl() {
        return this.extraControl;
    }
}
