package se.arkalix.security.identity;

import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Optional;
import se.arkalix.internal.net.dns.DnsNames;
import se.arkalix.internal.security.identity.X509Names;

/* loaded from: input_file:se/arkalix/security/identity/SystemIdentity.class */
public class SystemIdentity extends TrustedIdentity {
    private final String systemName;
    private final String cloudName;
    private final String companyName;
    private final String masterName;
    private boolean isVerified;

    public SystemIdentity(Certificate[] certificateArr) {
        super(certificateArr);
        this.isVerified = false;
        String[] resolveNames = resolveNames();
        this.systemName = resolveNames[0];
        this.cloudName = resolveNames[1];
        this.companyName = resolveNames[2];
        this.masterName = resolveNames[3];
    }

    public SystemIdentity(X509Certificate[] x509CertificateArr) {
        super(x509CertificateArr);
        this.isVerified = false;
        String[] resolveNames = resolveNames();
        this.systemName = resolveNames[0];
        this.cloudName = resolveNames[1];
        this.companyName = resolveNames[2];
        this.masterName = resolveNames[3];
    }

    public SystemIdentity(TrustedIdentity trustedIdentity) {
        super(trustedIdentity.chain, 0);
        this.isVerified = false;
        String[] resolveNames = resolveNames();
        this.systemName = resolveNames[0];
        this.cloudName = resolveNames[1];
        this.companyName = resolveNames[2];
        this.masterName = resolveNames[3];
    }

    private String[] resolveNames() {
        String commonName = commonName();
        try {
            List<String> splitName = DnsNames.splitName(commonName, 4);
            if (splitName.size() != 4) {
                throw new IllegalArgumentException("The common name \"" + commonName + "\" of the provided identity is not a valid Arrowhead system certificate name; expected it to be on the form \"<system>.<cloud>.<company>.<master>\", where each part except the last consists of a single DNS label");
            }
            return (String[]) splitName.toArray(new String[0]);
        } catch (IllegalArgumentException e) {
            throw new IllegalArgumentException("The common name \"" + commonName + "\" of the provided identity is not a valid DNS name", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SystemIdentity(SystemIdentity systemIdentity) {
        super(systemIdentity.chain, systemIdentity.chainOffset);
        this.isVerified = false;
        this.systemName = systemIdentity.systemName;
        this.cloudName = systemIdentity.cloudName;
        this.companyName = systemIdentity.companyName;
        this.masterName = systemIdentity.masterName;
        this.isVerified = systemIdentity.isVerified;
    }

    @Override // se.arkalix.security.identity.TrustedIdentity
    protected int minimumChainLength() {
        return 2;
    }

    public static Optional<SystemIdentity> tryFrom(Certificate[] certificateArr) {
        if (certificateArr == null) {
            return Optional.empty();
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[certificateArr.length];
        for (int i = 0; i < certificateArr.length; i++) {
            if (!(certificateArr[i] instanceof X509Certificate)) {
                return Optional.empty();
            }
            x509CertificateArr[i] = (X509Certificate) certificateArr[i];
        }
        if (certificateArr.length < 2) {
            return Optional.empty();
        }
        Optional<String> commonNameOf = X509Names.commonNameOf(x509CertificateArr[0].getSubjectX500Principal().getName());
        if (commonNameOf.isEmpty()) {
            return Optional.empty();
        }
        try {
            List<String> splitName = DnsNames.splitName(commonNameOf.get(), 4);
            return splitName.size() != 4 ? Optional.empty() : Optional.of(new SystemIdentity(x509CertificateArr, (String[]) splitName.toArray(new String[0])));
        } catch (IllegalArgumentException e) {
            return Optional.empty();
        }
    }

    private SystemIdentity(X509Certificate[] x509CertificateArr, String[] strArr) {
        super(x509CertificateArr, 0);
        this.isVerified = false;
        this.systemName = strArr[0];
        this.cloudName = strArr[1];
        this.companyName = strArr[2];
        this.masterName = strArr[3];
    }

    public String name() {
        return this.systemName;
    }

    public TrustedIdentity cloud() {
        return issuer().orElseThrow(() -> {
            return new IllegalStateException("No cloud certificate available; this should be impossible");
        });
    }

    public String cloudName() {
        return this.cloudName;
    }

    public String companyName() {
        return this.companyName;
    }

    public String masterName() {
        return this.masterName;
    }
}
