package org.globus.gridshib.security.x509;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.X509Certificate;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.asn1.ASN1InputStream;
import org.globus.opensaml11.saml.SAMLAssertion;
import org.globus.opensaml11.saml.SAMLException;
import org.globus.opensaml11.saml.SAMLSubjectAssertion;

/* loaded from: input_file:org/globus/gridshib/security/x509/SAMLX509Extension.class */
public final class SAMLX509Extension extends NonCriticalX509Extension {
    static Log logger;
    public static final String OID = "1.3.6.1.4.1.3536.1.1.1.12";
    public static final String LEGACY_OID = "1.3.6.1.4.1.3536.1.1.1.10";
    static Class class$org$globus$gridshib$security$x509$SAMLX509Extension;

    public SAMLX509Extension() {
        super(OID);
    }

    public SAMLX509Extension(SAMLAssertion sAMLAssertion) throws IOException {
        super(OID, encodeDERUTF8String(sAMLAssertion.toString()));
        if (sAMLAssertion instanceof SAMLSubjectAssertion) {
            return;
        }
        logger.warn("The argument to this constructor is not a SAMLSubjectAssertion instance");
    }

    public void setOid(String str) {
    }

    public static byte[] getExtensionValue(X509Certificate x509Certificate) throws IOException {
        byte[] extensionValue = getExtensionValue(x509Certificate, OID);
        if (extensionValue == null) {
            logger.debug(new StringBuffer().append("No standard extension value found for cert ").append(x509Certificate.getSerialNumber().toString()).toString());
            return null;
        }
        logger.debug(new StringBuffer().append("Standard extension value found for cert ").append(x509Certificate.getSerialNumber().toString()).toString());
        return extensionValue;
    }

    public static byte[] getLegacyExtensionValue(X509Certificate x509Certificate) throws IOException {
        byte[] extensionValue = getExtensionValue(x509Certificate, LEGACY_OID);
        if (extensionValue == null) {
            logger.debug(new StringBuffer().append("No legacy extension value found for cert ").append(x509Certificate.getSerialNumber().toString()).toString());
            return null;
        }
        logger.debug(new StringBuffer().append("Legacy extension value found for cert ").append(x509Certificate.getSerialNumber().toString()).toString());
        return extensionValue;
    }

    public static SAMLSubjectAssertion getSAMLAssertion(X509Certificate x509Certificate) throws IOException, SAMLException {
        byte[] extensionValue = getExtensionValue(x509Certificate);
        if (extensionValue != null) {
            String string = new ASN1InputStream(new ByteArrayInputStream(extensionValue)).readObject().getString();
            logger.debug(new StringBuffer().append("Cert contains the following assertion: ").append(string).toString());
            return new SAMLSubjectAssertion(new ByteArrayInputStream(string.getBytes()));
        }
        logger.debug("No standard SAML extension found in cert");
        byte[] legacyExtensionValue = getLegacyExtensionValue(x509Certificate);
        if (legacyExtensionValue == null) {
            logger.debug("No legacy SAML extension found in cert");
            return null;
        }
        SAMLSubjectAssertion sAMLSubjectAssertion = new SAMLSubjectAssertion(new ByteArrayInputStream(legacyExtensionValue));
        logger.debug(new StringBuffer().append("Cert contains the following assertion: ").append(sAMLSubjectAssertion.toString()).toString());
        return sAMLSubjectAssertion;
    }

    public static boolean hasSAMLExtension(X509Certificate x509Certificate) {
        if (hasNonCriticalExtension(x509Certificate, OID)) {
            logger.debug(new StringBuffer().append("Extension found for cert ").append(x509Certificate.getSerialNumber().toString()).toString());
            return true;
        }
        if (!hasNonCriticalExtension(x509Certificate, LEGACY_OID)) {
            logger.debug(new StringBuffer().append("SAML extension not found for cert ").append(x509Certificate.getSerialNumber().toString()).toString());
            return false;
        }
        logger.debug(new StringBuffer().append("Legacy extension found for cert ").append(x509Certificate.getSerialNumber().toString()).toString());
        return true;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$globus$gridshib$security$x509$SAMLX509Extension == null) {
            cls = class$("org.globus.gridshib.security.x509.SAMLX509Extension");
            class$org$globus$gridshib$security$x509$SAMLX509Extension = cls;
        } else {
            cls = class$org$globus$gridshib$security$x509$SAMLX509Extension;
        }
        logger = LogFactory.getLog(cls.getName());
    }
}
