package org.eclipse.hono.util;

import io.vertx.core.json.JsonObject;
import java.io.ByteArrayInputStream;
import java.net.URI;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import javax.security.auth.x500.X500Principal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/hono/util/RevocableTrustAnchor.class */
public class RevocableTrustAnchor extends TrustAnchor {
    private static final Logger LOG = LoggerFactory.getLogger(RevocableTrustAnchor.class);
    private boolean ocspEnabled;
    private URI ocspResponderUri;
    private X509Certificate ocspResponderCert;
    private boolean ocspNonceEnabled;

    public RevocableTrustAnchor(X500Principal x500Principal, PublicKey publicKey, byte[] bArr) {
        super(x500Principal, publicKey, bArr);
    }

    public RevocableTrustAnchor(X500Principal x500Principal, PublicKey publicKey, byte[] bArr, JsonObject jsonObject) {
        super(x500Principal, publicKey, bArr);
        setRevocationProperties(jsonObject);
    }

    private void setRevocationProperties(JsonObject jsonObject) {
        this.ocspEnabled = ((Boolean) JsonHelper.getValue(jsonObject, "ocsp-revocation-enabled", Boolean.class, false)).booleanValue();
        this.ocspNonceEnabled = ((Boolean) JsonHelper.getValue(jsonObject, "ocsp-revocation-enabled", Boolean.class, false)).booleanValue();
        String str = (String) JsonHelper.getValue(jsonObject, "ocsp-responder-uri", String.class, null);
        if (str != null) {
            this.ocspResponderUri = URI.create(str);
        }
        byte[] bArr = (byte[]) JsonHelper.getValue(jsonObject, "ocsp-responder-cert", byte[].class, null);
        if (bArr != null) {
            try {
                this.ocspResponderCert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
            } catch (CertificateException e) {
                LOG.error("failed to parse OCSP responder certificate", e);
            }
        }
        this.ocspNonceEnabled = ((Boolean) JsonHelper.getValue(jsonObject, "ocsp-nonce-enabled", Boolean.class, false)).booleanValue();
    }

    public boolean isOcspEnabled() {
        return this.ocspEnabled;
    }

    public void setOcspEnabled(boolean z) {
        this.ocspEnabled = z;
    }

    public URI getOcspResponderUri() {
        return this.ocspResponderUri;
    }

    public void setOcspResponderUri(URI uri) {
        this.ocspResponderUri = uri;
    }

    public X509Certificate getOcspResponderCert() {
        return this.ocspResponderCert;
    }

    public void setOcspResponderCert(X509Certificate x509Certificate) {
        this.ocspResponderCert = x509Certificate;
    }

    public boolean isOcspNonceEnabled() {
        return this.ocspNonceEnabled;
    }

    public void setOcspNonceEnabled(boolean z) {
        this.ocspNonceEnabled = z;
    }
}
