package com.dmdirc.ui.core.dialogs.sslcertificate;

import com.dmdirc.CertificateManager;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

/* loaded from: input_file:com/dmdirc/ui/core/dialogs/sslcertificate/SSLCertificateDialogModel.class */
public class SSLCertificateDialogModel {
    private final X509Certificate[] chain;
    private final CertificateManager manager;
    private final List<CertificateException> problems;
    private static final String NOTPRESENT = "(not present on certificate)";

    public SSLCertificateDialogModel(X509Certificate[] x509CertificateArr, List<CertificateException> list, CertificateManager certificateManager) {
        this.chain = x509CertificateArr;
        this.problems = list;
        this.manager = certificateManager;
    }

    public List<CertificateChainEntry> getCertificateChain() {
        ArrayList arrayList = new ArrayList();
        boolean z = true;
        for (X509Certificate x509Certificate : this.chain) {
            boolean z2 = z && !this.manager.isValidHost(x509Certificate);
            z = false;
            try {
                x509Certificate.checkValidity();
            } catch (CertificateException e) {
                z2 |= true;
            }
            arrayList.add(new CertificateChainEntry(CertificateManager.getDNFieldsFromCert(x509Certificate).get("CN"), this.manager.isTrusted(x509Certificate).isTrusted(), z2));
        }
        return arrayList;
    }

    public List<List<CertificateInformationEntry>> getCertificateInfo(int i) {
        ArrayList arrayList = new ArrayList();
        X509Certificate x509Certificate = this.chain[i];
        boolean z = false;
        boolean z2 = false;
        try {
            x509Certificate.checkValidity();
        } catch (CertificateExpiredException e) {
            z = true;
        } catch (CertificateNotYetValidException e2) {
            z2 = true;
        }
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(new CertificateInformationEntry("Valid from", x509Certificate.getNotBefore().toString(), z2, false));
        arrayList2.add(new CertificateInformationEntry("Valid to", x509Certificate.getNotAfter().toString(), z, false));
        arrayList.add(arrayList2);
        boolean z3 = i == 0 && !this.manager.isValidHost(x509Certificate);
        String alternateNames = getAlternateNames(x509Certificate);
        Map<String, String> dNFieldsFromCert = CertificateManager.getDNFieldsFromCert(x509Certificate);
        ArrayList arrayList3 = new ArrayList();
        addCertField(dNFieldsFromCert, arrayList3, "Common name", "CN", z3);
        arrayList3.add(new CertificateInformationEntry("Alternate names", alternateNames == null ? NOTPRESENT : alternateNames, z3, alternateNames == null));
        addCertField(dNFieldsFromCert, arrayList3, "Organisation", "O", false);
        addCertField(dNFieldsFromCert, arrayList3, "Unit", "OU", false);
        addCertField(dNFieldsFromCert, arrayList3, "Locality", "L", false);
        addCertField(dNFieldsFromCert, arrayList3, "State", "ST", false);
        addCertField(dNFieldsFromCert, arrayList3, "Country", "C", false);
        arrayList.add(arrayList3);
        ArrayList arrayList4 = new ArrayList();
        arrayList4.add(new CertificateInformationEntry("Serial number", x509Certificate.getSerialNumber().toString(), false, false));
        arrayList4.add(new CertificateInformationEntry("Algorithm", x509Certificate.getSigAlgName(), false, false));
        arrayList4.add(new CertificateInformationEntry("SSL version", String.valueOf(x509Certificate.getVersion()), false, false));
        arrayList.add(arrayList4);
        return arrayList;
    }

    protected String getAlternateNames(X509Certificate x509Certificate) {
        StringBuilder sb = new StringBuilder();
        if (x509Certificate.getSubjectAlternativeNames() == null) {
            return null;
        }
        for (List<?> list : x509Certificate.getSubjectAlternativeNames()) {
            int intValue = ((Integer) list.get(0)).intValue();
            if (intValue == 2 || intValue == 7) {
                if (sb.length() > 0) {
                    sb.append(", ");
                }
                sb.append(list.get(1));
            }
        }
        return sb.toString();
    }

    protected void addCertField(Map<String, String> map, List<CertificateInformationEntry> list, String str, String str2, boolean z) {
        list.add(new CertificateInformationEntry(str, map.containsKey(str2) ? map.get(str2) : NOTPRESENT, z, !map.containsKey(str2)));
    }

    public List<CertificateSummaryEntry> getSummary() {
        ArrayList arrayList = new ArrayList();
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        for (CertificateException certificateException : this.problems) {
            if ((certificateException instanceof CertificateExpiredException) || (certificateException instanceof CertificateNotYetValidException)) {
                z = true;
            } else if (certificateException instanceof CertificateManager.CertificateDoesntMatchHostException) {
                z2 = true;
            } else if (certificateException instanceof CertificateManager.CertificateNotTrustedException) {
                z3 = true;
            }
        }
        if (z) {
            arrayList.add(new CertificateSummaryEntry("One or more certificates are not within their validity period", false));
        } else {
            arrayList.add(new CertificateSummaryEntry("All certificates are within their validity period", true));
        }
        if (z3) {
            arrayList.add(new CertificateSummaryEntry("The certificate is not issued by a trusted authority", false));
        } else {
            arrayList.add(new CertificateSummaryEntry("The certificate chain is trusted", true));
        }
        if (z2) {
            arrayList.add(new CertificateSummaryEntry("The certificate is not issued to the host you are connecting to", false));
        } else {
            arrayList.add(new CertificateSummaryEntry("The certificate is issued to the host you are connecting to", true));
        }
        return arrayList;
    }

    public boolean needsResponse() {
        return !this.problems.isEmpty();
    }

    public String getServerName() {
        return this.manager.getServerName();
    }

    public void performAction(CertificateAction certificateAction) {
        if (!needsResponse()) {
            throw new IllegalStateException("Can't perform action when no action is needed");
        }
        this.manager.setAction(certificateAction);
    }
}
