package com.xone.android.dniemanager;

import com.xone.android.dniemanager.card.DnieCardConstants;
import com.xone.android.dniemanager.data.DG1;
import com.xone.android.dniemanager.data.DG11;
import com.xone.android.dniemanager.data.DG13;
import com.xone.android.dniemanager.data.DG2;
import com.xone.android.dniemanager.data.DG7;
import com.xone.android.dniemanager.data.Efcom;
import com.xone.android.dniemanager.tools.DnieTools;
import java.net.URI;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.PKIXRevocationChecker;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.HashSet;

/* loaded from: classes2.dex */
public class DnieReadResult {
    private X509Certificate authenticationCertificate;
    private X509Certificate[] authenticationCertificateChain;
    private PrivateKey authenticationPrivateKey;
    private PublicKey authenticationPublicKey;
    private DG1 dataGroup1;
    private DG11 dataGroup11;
    private DG13 dataGroup13;
    private DG2 dataGroup2;
    private DG7 dataGroup7;
    private Efcom efcom;
    private X509Certificate signatureCertificate;
    private X509Certificate[] signatureCertificateChain;
    private PrivateKey signaturePrivateKey;
    private PublicKey signaturePublicKey;

    private static void validateCertificate(X509Certificate[] x509CertificateArr, X509Certificate x509Certificate) throws CertificateException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, CertPathValidatorException {
        CertPath generateCertPath = CertificateFactory.getInstance("X.509").generateCertPath(Arrays.asList(x509CertificateArr));
        CertPathValidator certPathValidator = CertPathValidator.getInstance("PKIX");
        PKIXRevocationChecker pKIXRevocationChecker = (PKIXRevocationChecker) certPathValidator.getRevocationChecker();
        URI ocspResponderUrl = DnieTools.getOcspResponderUrl(x509Certificate);
        if (ocspResponderUrl == null) {
            throw new SecurityException("Cannot obtain OCSP URI");
        }
        pKIXRevocationChecker.setOcspResponder(ocspResponderUrl);
        HashSet hashSet = new HashSet();
        hashSet.add(new TrustAnchor(DnieCardConstants.DNIE_ROOT_CERTIFICATE, null));
        PKIXParameters pKIXParameters = new PKIXParameters(hashSet);
        pKIXParameters.setRevocationEnabled(false);
        pKIXParameters.addCertPathChecker(pKIXRevocationChecker);
        if (certPathValidator.validate(generateCertPath, pKIXParameters) == null) {
            throw new SecurityException("Error validating certificates");
        }
    }

    public X509Certificate getAuthenticationCertificate() {
        return this.authenticationCertificate;
    }

    public X509Certificate[] getAuthenticationCertificateChain() {
        return this.authenticationCertificateChain;
    }

    public PrivateKey getAuthenticationPrivateKey() {
        return this.authenticationPrivateKey;
    }

    public PublicKey getAuthenticationPublicKey() {
        return this.authenticationPublicKey;
    }

    public DG1 getDataGroup1() {
        return this.dataGroup1;
    }

    public DG11 getDataGroup11() {
        return this.dataGroup11;
    }

    public DG13 getDataGroup13() {
        return this.dataGroup13;
    }

    public DG2 getDataGroup2() {
        return this.dataGroup2;
    }

    public DG7 getDataGroup7() {
        return this.dataGroup7;
    }

    public Efcom getEfcom() {
        return this.efcom;
    }

    public byte[] getEfcomBytes() {
        return this.efcom.getBytes();
    }

    public String getLDSVersion() {
        return this.efcom.getLDSVersion();
    }

    public X509Certificate getSignatureCertificate() {
        return this.signatureCertificate;
    }

    public X509Certificate[] getSignatureCertificateChain() {
        return this.signatureCertificateChain;
    }

    public PrivateKey getSignaturePrivateKey() {
        return this.signaturePrivateKey;
    }

    public PublicKey getSignaturePublicKey() {
        return this.signaturePublicKey;
    }

    public byte[] getTagList() {
        return this.efcom.getTagList();
    }

    public String getUnicodeVersion() {
        return this.efcom.getUnicodeVersion();
    }

    public void setAuthenticationCertificate(X509Certificate x509Certificate) {
        this.authenticationCertificate = x509Certificate;
    }

    public void setAuthenticationCertificateChain(X509Certificate[] x509CertificateArr) {
        this.authenticationCertificateChain = x509CertificateArr;
    }

    public void setAuthenticationPrivateKey(PrivateKey privateKey) {
        this.authenticationPrivateKey = privateKey;
    }

    public void setAuthenticationPublicKey(PublicKey publicKey) {
        this.authenticationPublicKey = publicKey;
    }

    public void setDataGroup1(DG1 dg1) {
        this.dataGroup1 = dg1;
    }

    public void setDataGroup11(DG11 dg11) {
        this.dataGroup11 = dg11;
    }

    public void setDataGroup13(DG13 dg13) {
        this.dataGroup13 = dg13;
    }

    public void setDataGroup2(DG2 dg2) {
        this.dataGroup2 = dg2;
    }

    public void setDataGroup7(DG7 dg7) {
        this.dataGroup7 = dg7;
    }

    public void setEfcom(Efcom efcom) {
        this.efcom = efcom;
    }

    public void setSignatureCertificate(X509Certificate x509Certificate) {
        this.signatureCertificate = x509Certificate;
    }

    public void setSignatureCertificateChain(X509Certificate[] x509CertificateArr) {
        this.signatureCertificateChain = x509CertificateArr;
    }

    public void setSignaturePrivateKey(PrivateKey privateKey) {
        this.signaturePrivateKey = privateKey;
    }

    public void setSignaturePublicKey(PublicKey publicKey) {
        this.signaturePublicKey = publicKey;
    }

    public void validateCertificates() throws CertificateException, NoSuchAlgorithmException, CertPathValidatorException, InvalidAlgorithmParameterException {
        X509Certificate x509Certificate;
        X509Certificate x509Certificate2;
        X509Certificate[] x509CertificateArr = this.authenticationCertificateChain;
        if (x509CertificateArr != null && (x509Certificate2 = this.authenticationCertificate) != null) {
            validateCertificate(x509CertificateArr, x509Certificate2);
        }
        X509Certificate[] x509CertificateArr2 = this.signatureCertificateChain;
        if (x509CertificateArr2 == null || (x509Certificate = this.signatureCertificate) == null) {
            return;
        }
        validateCertificate(x509CertificateArr2, x509Certificate);
    }
}
