package org.ejbca.core.protocol.ws.client;

import java.io.IOException;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import org.cesecore.certificates.certificate.request.RequestMessageUtils;
import org.cesecore.keys.util.KeyTools;
import org.cesecore.util.CertTools;
import org.cesecore.util.CryptoProviderTools;
import org.cesecore.util.FileTools;
import org.ejbca.cvc.CVCAuthenticatedRequest;
import org.ejbca.cvc.CVCObject;
import org.ejbca.cvc.CVCertificate;
import org.ejbca.cvc.CardVerifiableCertificate;
import org.ejbca.cvc.CertificateParser;
import org.ejbca.cvc.exception.CvcException;
import org.ejbca.ui.cli.ErrorAdminCommandException;
import org.ejbca.ui.cli.IAdminCommand;
import org.ejbca.ui.cli.IllegalAdminCommandException;

/* loaded from: input_file:org/ejbca/core/protocol/ws/client/CvcPrintCommand.class */
public class CvcPrintCommand extends EJBCAWSRABaseCommand implements IAdminCommand {
    public CvcPrintCommand(String[] strArr) {
        super(strArr);
    }

    public void execute() throws IllegalAdminCommandException, ErrorAdminCommandException {
        try {
            if (this.args.length < 2 || this.args.length > 4) {
                usage();
                System.exit(-1);
            }
            CryptoProviderTools.installBCProvider();
            String str = this.args[1];
            getPrintStream().println("Printing CV Certificate: " + str);
            CVCAuthenticatedRequest cVCObject = getCVCObject(str);
            getPrintStream().println(cVCObject.getAsText(""));
            if (this.args.length > 2) {
                String str2 = this.args[2];
                getPrintStream().println("Verifying " + (cVCObject instanceof CVCAuthenticatedRequest ? "authenticated request" : "certificate") + " " + str + " with certificate " + str2);
                PublicKey publicKey = getCVCObject(str2).getCertificateBody().getPublicKey();
                if (this.args.length > 3) {
                    String str3 = this.args[3];
                    getPrintStream().println("Using CVCA certificate " + str3 + " for EC parameters.");
                    publicKey = KeyTools.getECPublicKeyWithParams(publicKey, getCVCObject(str3).getCertificateBody().getPublicKey());
                }
                try {
                    if (cVCObject instanceof CVCAuthenticatedRequest) {
                        cVCObject.verify(publicKey);
                    } else {
                        new CardVerifiableCertificate((CVCertificate) cVCObject).verify(publicKey);
                    }
                    getPrintStream().println("Verification of certificate was successful");
                } catch (Exception e) {
                    getPrintStream().println("Verification of certificate failed: " + e.getMessage());
                }
            }
        } catch (Exception e2) {
            throw new ErrorAdminCommandException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static CVCObject getCVCObject(String str) throws IOException, CvcException, CertificateException {
        CVCObject parseCVCObject;
        try {
            parseCVCObject = CertificateParser.parseCVCObject(FileTools.readFiletoBuffer(str));
        } catch (Exception e) {
            try {
                parseCVCObject = CertificateParser.parseCVCObject(((Certificate) CertTools.getCertsFromPEM(str).iterator().next()).getEncoded());
            } catch (Exception e2) {
                parseCVCObject = CertificateParser.parseCVCObject(RequestMessageUtils.getRequestBytes(FileTools.readFiletoBuffer(str)));
            }
        }
        return parseCVCObject;
    }

    @Override // org.ejbca.core.protocol.ws.client.EJBCAWSRABaseCommand
    protected void usage() {
        getPrintStream().println("Command used to pretty print a CVC certificate or request.");
        getPrintStream().println("Usage : cvcprint <filename> [verifycert] [CVCA-certificate for EC params]\n\n");
        getPrintStream().println("If adding the optional parameter verifycert the program tries to verify a certifcate given as filename with the certificate given as verifycert.");
        getPrintStream().println("If verifying an IS cert with a DV cert no curve parameters exist in the public key in the certificate, you can therefore add the CVCA certificate to complete the public key.");
    }
}
