package com.dstc.security.certpath;

import com.dstc.security.common.OID;
import java.math.BigInteger;
import java.security.cert.X509Certificate;
import java.util.Arrays;

/* loaded from: input_file:com/dstc/security/certpath/X509CertSelector.class */
public class X509CertSelector {
    private String issuer = null;
    private BigInteger serialNumber = null;
    private byte[] ski = null;

    private boolean checkIssuerDN(X509Certificate x509Certificate) {
        return x509Certificate.getIssuerDN().getName().equals(this.issuer);
    }

    private boolean checkSerialNumber(X509Certificate x509Certificate) {
        return x509Certificate.getSerialNumber().equals(this.serialNumber);
    }

    private boolean checkSubjectKeyIdentifier(X509Certificate x509Certificate) {
        byte[] extensionValue = x509Certificate.getExtensionValue(OID.subjectKeyIdentifier);
        if (extensionValue == null) {
            return false;
        }
        byte[] bArr = new byte[extensionValue.length - 4];
        System.arraycopy(extensionValue, 4, bArr, 0, bArr.length);
        return Arrays.equals(this.ski, bArr);
    }

    public boolean match(X509Certificate x509Certificate) {
        if (this.issuer != null && !checkIssuerDN(x509Certificate)) {
            return false;
        }
        if (this.serialNumber != null && !checkSerialNumber(x509Certificate)) {
            return false;
        }
        if (this.ski == null) {
            return true;
        }
        System.out.println("Sel:ski");
        return checkSubjectKeyIdentifier(x509Certificate);
    }

    public void setIssuerDN(String str) {
        this.issuer = str;
    }

    public void setSerialNumber(BigInteger bigInteger) {
        this.serialNumber = bigInteger;
    }

    public void setSubjectKeyIdentifier(byte[] bArr) {
        this.ski = bArr;
    }
}
