package com.webauthn4j.data.attestation.statement;

import com.webauthn4j.data.attestation.statement.AttestationCertificate;
import com.webauthn4j.validator.exception.CertificateException;
import java.io.Serializable;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.naming.InvalidNameException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

/* loaded from: classes.dex */
public class AttestationCertificate implements Serializable {
    private static final int CERTIFICATE_VERSION_3 = 3;
    private static final int NON_CA = -1;
    private final X509Certificate certificate;

    public AttestationCertificate(X509Certificate x509Certificate) {
        this.certificate = x509Certificate;
    }

    private static Map<String, Object> toMap(Rdn rdn) {
        try {
            HashMap hashMap = new HashMap();
            Attributes attributes = rdn.toAttributes();
            NamingEnumeration iDs = rdn.toAttributes().getIDs();
            while (iDs.hasMore()) {
                String str = (String) iDs.next();
                hashMap.put(str, attributes.get(str).get());
            }
            return hashMap;
        } catch (NamingException e) {
            throw new IllegalArgumentException((Throwable) e);
        }
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        return Objects.equals(this.certificate, ((AttestationCertificate) obj).certificate);
    }

    public X509Certificate getCertificate() {
        return this.certificate;
    }

    public String getSubjectCommonName() {
        return getValue("CN");
    }

    public String getSubjectCountry() {
        return getValue("C");
    }

    public String getSubjectOrganization() {
        return getValue("O");
    }

    public String getSubjectOrganizationUnit() {
        return getValue("OU");
    }

    public String getValue(String str) {
        try {
            return (String) ((Map) new LdapName(getCertificate().getSubjectX500Principal().getName()).getRdns().stream().flatMap(new Function() { // from class: i.d.d.a.a.a
                @Override // java.util.function.Function
                public final Object apply(Object obj) {
                    Stream stream;
                    stream = AttestationCertificate.toMap((Rdn) obj).entrySet().stream();
                    return stream;
                }
            }).collect(Collectors.toMap(new Function() { // from class: i.d.d.a.a.b
                @Override // java.util.function.Function
                public final Object apply(Object obj) {
                    return (String) ((Map.Entry) obj).getKey();
                }
            }, new Function() { // from class: i.d.d.a.a.c
                @Override // java.util.function.Function
                public final Object apply(Object obj) {
                    return ((Map.Entry) obj).getValue();
                }
            }))).get(str);
        } catch (InvalidNameException e) {
            throw new IllegalArgumentException((Throwable) e);
        }
    }

    public int hashCode() {
        return Objects.hash(this.certificate);
    }

    public void validate() {
        if (this.certificate.getVersion() != 3) {
            throw new CertificateException("Attestation certificate must be version 3");
        }
        String subjectCountry = getSubjectCountry();
        if (subjectCountry == null || subjectCountry.isEmpty()) {
            throw new CertificateException("Subject-C must be present");
        }
        String subjectOrganization = getSubjectOrganization();
        if (subjectOrganization == null || subjectOrganization.isEmpty()) {
            throw new CertificateException("Subject-O must be present");
        }
        String subjectOrganizationUnit = getSubjectOrganizationUnit();
        if (subjectOrganizationUnit == null || !subjectOrganizationUnit.equals("Authenticator Attestation")) {
            throw new CertificateException("Subject-OU must be present");
        }
        String subjectCommonName = getSubjectCommonName();
        if (subjectCommonName == null || subjectCommonName.isEmpty()) {
            throw new CertificateException("Subject-CN must be present");
        }
        if (this.certificate.getBasicConstraints() != NON_CA) {
            throw new CertificateException("Attestation certificate must not be CA certificate");
        }
    }
}
